The Director, Security Architecture and Engineering is a key role in the Chief Information Security Officer (CISO) organization of LogMeIn, reporting directly to the CISO. The role will be responsible for developing a comprehensive security architecture and design approach to enable the security organization to follow the Plan-Build-Run-Monitor approach and focus on ingraining core design principles and architectural concepts into the security controls and processes supporting overall company mission and goals. Fundamental concepts like zero-trust architecture, segmented zoning, containerized applications, and multifactor authentication architecture are as applicable as are core principles such as security & privacy by design, least privilege, and common best practices. As we are creating a writing culture, we also want to establish an architectural design review culture to ensure our security processes are solid and aligned. This role will have first and foremost an internal focus on the security organization and the systems, tools, and sources it uses. After accomplishing this, the scope will be broadened to focus on certain aspects of engineering and process optimization.
- Develop a comprehensive diagram library of the current state architecture, and assess for potential gaps and opportunities, leveraging common best practices and frameworks such as SABSA, TOGAF, or similar
- Track and maintain changes to ensure an up-to-date inventory of security solutions and how they are tying into the overall security tool set and landscape, covering multiple viewpoints
- Develop and entertain a future state architecture leveraging state-of-the-art concepts, technologies, and methodologies. Ensure architectural design concepts are put in place for all new solutions and tools before they're put into production
- Perform and lead PoCs and technology upgrade discussions from an architectural viewpoint and enrich the team's capabilities to ensure solid and sustainable outcomes
- Build (hire) and lead a small group of security engineers and security specialists to support this newly created function on behalf and under the direction of the CISO. Ensure departmental goals will be reached and monitored ensuring sound technical solutions and solid process enhancements
- Validate existing solutions over time, build an appropriate roadmap for upgrades or decommissions and plan for proper tooling and resourcing
- Integrate into an existing security team with limited supervision and ensure full adoption of design concepts and operationalization of architected security controls. Proper handover to SecOps is core and center once solutions have been planned, designed, and built
- Help the CISO to establish a new SecDevOps approach for the enterprise, leveraging platforms, automation, and continuous improvements along the cycles and communicating this into the developer communities
- Facilitate further security champions from an architectural concept and integrate into existing design groups and move them forward to the next level(s).
- Other duties or tasks as assigned by management
As LogMeIn is a global organization, the Director of Security Architecture and Engineering will have some regular meetings and conference calls outside of normal respective office hours. Flexibility on good time management and covering a global organization is required and expected.
- A Master's degree in a technical/security field with a combination of security-architecture and security-engineering related work experience of at least 15 years (must have)
- Knowledge of security controls frameworks such as ISO27001/27002, NIST 800-53, SOC1-3, PCI, and architecture frameworks such as SABSA, TOGAF, Zachman and others
- Fast thinker, conceptually strong, well versed in different technology solutions and capable, willing, and accustomed to looking & thinking outside of the box and overcoming borders
- Excellent interpersonal communication, teamwork, and project and program management skills
- Very strong written and verbal communication skills with the proven ability to translate business needs into technology solutions and explain complex technology to business executives
- Strong sense of accountability with the ability to work independently under the guidance and direction of the CISO with limited supervision
- Demonstrated ability to quickly assess current architecture via discussion, document review, technical scans / logic compilation, and putting learned observations into architectural artefacts and diagrams / schemas
- Strong proven analytical and troubleshooting skills
- Strong personal integrity, accountability, the ability to take ownership of specific projects and program action items and to lead other engineers or technical personnel and holding them accountable to accomplish their assigned objectives and tasks
- Able to foster a collaborative and respectful working environment and build long-term business relationships with multiple areas and complex setups on a global scale
- High intrinsic motivation to move the needle and mature existing processes or structures to improve performance, resiliency, and security outcome. Must see and use architecture and engineering to build security by design, by default, and by deployment, and not as an end in itself
LogMeIn Product Portfolio: https://www.logmeininc.com/products
LogMeIn's category-defining products unlock the potential of the modern workforce by making it possible for millions of people and businesses around the globe to do their best work simply and securely on any device, from any location and at any time. A pioneer in remote work technology and a driving force behind today's work-from-anywhere movement, LogMeIn has become one of the world's largest SaaS companies with tens of millions of active users, more than 3,500 global employees, over $1.3 billion in annual revenue and approximately 2 million customers worldwide who use its software as an essential part of their daily lives.