Alaska Airlines Sr Cloud Information Security Architect in Seattle, Washington

Regular/Temporary: Regular

Job ID: 27896

Full/Part Time: Full-Time

Location: Seattle, WA

Job Title: Sr Cloud Information Security Architect

REPORTS TO

Managing Director, Information Security

ALASKA AIRLINES' STORY

Alaska Airlines is one of the most respected names in aviation and flies throughout its namesake state and the Lower 48, as well as to Hawaii, Canada and Mexico. Our roots date to 1932 and are symbolized by the Eskimo painted on the tails of our aircraft. Guided by what we call the "Alaska Spirit", we pride ourselves on providing a lifeline to remote communities while delivering renowned service to everyone we fly. This commitment has brought us national and international recognition. We've been honored with a variety of awards by readers of Travel + Leisure, Conde Nast Traveler, USA Today and others. Alaska is the premier airline for people on the West Coast and, together with its sister carrier Horizon Air, flies to more than 90 destinations. The two airlines are subsidiaries of Alaska Air Group Inc. (NYSE:ALK) with annual revenues exceeding $4 billion. .

POSITION INFORMATION

Role Summary The Senior Cloud Information Security Architect ensures the security of enterprise IT assets and information. This role is accountable for defining cloud security policy, analyzing and developing requirements, assessing the security of systems, and driving the overall cloud security posture of Alaska Airlines.

Scope & Complexity

  • This position supports cloud security activities for Alaska Air Group (AAG) and its subsidiaries.

Key Duties

  • This position requires the application of interpersonal skills with the ability to foster and grow business relationships, and to communicate at all levels of the organization. It requires a deep technical, architectural understanding of all facets of information security, including:

  • Application Development Security Life Cycle

  • Threat Modeling

  • Infrastructure Security Controls

  • Compliance (e.g. PCI, SOX, NIST, ISO)

  • Identity Management

  • Privacy

  • Drives the definition and implementation of the cloud security model and architecture standards for AAG.

  • Integrates security requirements into technology lifecycle management and contributes to multiple large, complex application projects with cross-functional teams and business users.

  • Serves as the security expert in providing solution designs and technical consulting services in support of maintaining compliance with all applicable requirements including industry best practice, internal policy, the Payment Card Industry - Data Security Standard, state data privacy laws, and ISO 27001 controls.

  • Guides Security Engineers through the research and advocacy of new technologies, architectures, and security products that support security requirements for the enterprise and its customers, business partners, and vendors.

  • Develops requirements, along with business, application development, and infrastructure partners, to drive the engineering processes that produce secure solutions.

  • Is a thought leader who effectively communicates with and influences peers and leadership regarding optimum architectural approaches to meet business requirements, while managing security risk and maintaining compliance.

  • Analyzes and recommends strategy and direction to mitigate security risks within the organization.

  • Acts as a change agent through hands-on technical leadership.

  • Demonstrates creative thinking and innovation with pragmatic outcomes that build constructive business relationships and gain the trust of others.

  • Mentors, coaches, and trains members of the Information Security team, the broader Information Technology Services team, and other technologists throughout AAG.

  • Drives continuous process and technology improvements.

Job-Specific Skills (years of experience, key knowledge, skills & abilities) Required

  • A minimum of 10 years of IT experience and 5 years of Information Security experience.

  • A minimum of 3 years of experience (5 years is preferred), serving in a Security Architect position.

  • A minimum of 3 years of experience supporting a technically diverse Cardholder Data Environment (CDE). (Strong PCI DSS knowledge and experience is preferred).

  • Cloud Security experience (AWS and Azure), including both IaaS and PaaS models.

  • Working knowledge of one or more security and IT Architecture standards, including COBIT, TOGAF, Open Security - Architecture, or Service Oriented Modeling Framework.

  • Demonstrated experience in the following areas: cloud, firewalls, intrusion detection & prevention, perimeter appliances, domain segmentation, filtering (virus, spam, etc.), network segmentation, authentication, enterprise portals, portal based access managers, database encryption, data encryption, host intrusion detection, enterprise directories (LDAP and Active Directory), and meta-directories.

  • Demonstrated knowledge of Service Oriented Architectures and Web Services standards as they relate to an enterprise security model.

Preferred

  • Industry certification in security (e.g. CISA, CISSP, and/or GIAC).

  • Ability to lead, build and develop team of senior IT professionals through formal and informal reporting relationships.

  • Proven experience in developing and executing plans, meeting deadlines, and operating under tight time constraints; monitoring trends in information technology, identity & access, and security that could have an impact on the security of the organization's products, processes, infrastructure, or customers.

  • Demonstrated ability to influence and clearly communicate across vast sections of IT and the business, including company leaders.

  • Demonstrated experience in making articulate and effective verbal and written presentations to different audiences.

  • Excellent organizational and leadership skills.

  • Demonstrated business acumen.

  • Excellent clear and concise verbal and written communication skills.

Job-Specific Leadership Expectations

  • Embody the Alaska Spirit and conduct oneself with Professionalism, Integrity, Resourcefulness and Caring

Education

  • Bachelor of Science degree in computer science, systems engineering, information technology, management information systems, a related discipline, or equivalent experience is required.

EEO

  • High school diploma or equivalent required

  • Minimum age of 18

  • Must be authorized to work in the U.S.

THE LOCATION

The location for this position is in Seattle, Washington

OUR CULTURE - ALASKA AIRLINES

For eligible employees, our company offers a unique total rewards package that few companies can match, including insurance coverage for medical, dental and vision care, 401(k) retirement savings plans, monthly and annual incentive bonus plans, time off and a generous employee travel program. Each day, we are guided by our core values of Professionalism, Caring, Resourcefulness, Integrity and Alaska Spirit at work and in our communities. Alaska Airlines also fosters a diverse and inclusive culture and is an Equal Opportunity Employer. .

POSTING INFORMATION

A few helpful tips when applying -

Before applying, we recommend that you clear your browsing history including your temporary internet files and disable pop-up blockers. You can accomplish this by going to the Tools tab.

Gather your paperwork, including your work history (we require 10 years of work history to be added to the application), resume etc. - before you apply to the position.

If you would like to include a cover letter, add it as your first page to your resume. Your resume is part of your application and unique to each position you apply to..

Once in the application, be sure to use the links provided to return to the previous page if needed. The back button is not compatible with our system.

Alaska Airlines and Horizon Air do not tolerate discrimination or harassment on the basis of race, color, creed, religion, national origin, alienage or citizenship status, age, sex, sexual orientation, gender identity or expression, marital status, disability, protected veteran status, genetic information, or any other basis protected by applicable law. Employees or applicants who inquire about, discuss, or disclose their compensation or the compensation of other employees or applicants are also protected by law.

Alaska Airlines y Horizon Air no toleran discriminacion o acoso en base a raza, color, credo, religion, origen nacional, estatus migratorio de residencia o ciudadania, edad, sexo, orientacion sexual, identidad de genero o expresion, estado civil, discapacidad, estado veterano protegido, informacion genetica o cualquier otra base protegida por la legislacion aplicable. Empleados o aspirantes que indaguen, discutan o revelen su compensacion o la remuneracion de otros empleados o aspirantes tambien estan protegidos por ley.