Requisition 25265: #LI-EB1
The primary responsibilities of the Security Architect are to design, enhance, and implement secure applications and cloud services. The Architect will develop security policies, standards and procedures to enhance the overall posture of Information Security. This person will conduct risk assessments to ensure the confidentiality, integrity and availability of information assets across the Norfolk Southern enterprise. The Security Architect will be involved in high-level architecture and design efforts to ensure secure solution delivery while minimizing risk to the organization.
- Support secure application deployments both on-prem and in multi-cloud environments (Azure, AWS) by designing security architectures to align with NS policies and best practices
- Ensure reference architectures exist outlining security requirements in conjunction with best practices leveraging CSA and NIST frameworks
- Responsible for promoting, designing, and evaluating application security in all phases of the application life cycle
- Responsible for application security and influencing, building, and assisting with information security challenges within applications
- Knowledge of security best practices, principles, and common security frameworks, such as NIST, CIS Top 20, OWASP, etc.
- Understanding of security by design principles and architecture level security concepts
- Knowledge of cloud technologies with specific experience in AWS or Microsoft Azure cloud technologies
- Knowledge of web, mobile, API, Microservices, network and security architectures and design patterns
- DevOps knowledge and working knowledge of CI/CD architectures, designs and implementations
- Experience with Cloud Security concepts in the areas of Governance, IAM, Network, Internet connectivity, logging and monitoring
- Working knowledge of developer tools and environments
- Communication, presentation and analytical skills along with the ability to thrive in a dynamic environment
- and handle multiple priorities.
- Knowledge of Netflow, PCAP Analysis
- Experience in securing container platforms such as docker, Kubernetes, GKE, Anthos or AKS
- Experience with various application security tools including SAST, DAST, & Penetration testing
- Splunk Enterprise Security
- Experience coding in Java, Python, or Go
Preferred Level: 3+ years
Preferred Level: Bachelor's Degree (BS)
Computer Science or Information Systems, Specialization in Information Security/Assurance is a plus
Licenses / Certifications:
Security certifications: CISSP, CCSP, Cloud certifications or willingness to obtain within 12 months of hire.Work Conditions:
Shift Work: No
Weekend Work: As Required
Travel Required: 0 - 2 Days per Month,
New Headquarters – Atlanta, GA
Norfolk Southern is in the process of constructing a vibrant & modern corporate HQ in Midtown Atlanta, GA. Our HQ is scheduled for completion in the summer of 2021. To check out a sneak peek, we've linked a playlist below.
Norfolk Southern Corporation (NYSE: NSC) is a Fortune 300 organization and one of the nation's premier transportation companies. Its Norfolk Southern Railway Company subsidiary operates approximately 19,500 route miles in 22 states and the District of Columbia, serves every major container port in the eastern United States, and provides efficient connections to other rail carriers.
We are a team of more than 20,000 employees working together to maintain our reputation as "The Thoroughbred of Transportation." As an industry leader, Norfolk Southern offers a competitive salary and an excellent benefits package.
At Norfolk Southern, we believe in celebrating our individuality. By leveraging the unique backgrounds and viewpoints of our employees, we can create a culture of innovation, respect, and inclusion. We know that employees thrive in a workplace where differing viewpoints, ideas, and experiences are freely shared and valued. As such, we encourage all employees to contribute their distinctive skills and capabilities to our organization.
Equal employment opportunities are available to all applicants regardless of race, color, religion, age, sex, national origin, disability status, genetic information, veteran status, sexual orientation and, gender identity. Together, we power progress.
Don't just work here, Thrive here.
Apply on company website