Cloud Security Architect

Cloud Security Architect

Global Partners LP is seeking a Cloud Security Architect (CSA) to join our Cyber Security Team and play a key role in Globals migration to the AWS public Cloud. The Cloud Security Architects main objective will be to secure and protect our public Cloud instances, workloads and applications from malicious threat actors, external threats, internal threats and malware. The CSA will work with various IT, Cyber Security and designated business teams to secure our Cloud infrastructure and applications in accordance with industry best practices and the ever-evolving threat landscape.

The CSA will also advise the Cyber Security Team on emerging vulnerabilities and newly introduced risks to Globals Cloud infrastructure and applications and take a proactive approach in continually assessing the security of those systems/applications throughout their lifecycle, providing recommendations for enhancing security and adapting to new threats and vulnerabilities.

For over 75 years Global Partners has been delivering the energy, products, and services that make life better. Weve also successfully developed community integrated convenience stores where we aretransforming the customer experience and rethinking what it means to lead as an adaptive energy distribution company.This is a source of pride and frankly we dont plan on stopping. With our recent game changers such asAlltown FreshGourmet MarketandRenewable Diesel Fuel, we are looking to continue responsible and innovative growth. From design, supply, and tech were looking for people to contribute to our companys direction. Global Partners is a great opportunity for those looking to develop their career with a longstanding company motivated by whats next.

The Types of Energy You Bring?

• Excellent written and verbal communication skills.
• You are self-motivated and like to take initiative.
• You are a team player with a positive attitude.
• You have strong time management skills.

Gauges of Responsibility?

• Assist technical teams in migrations from on-prem systems to cloud platforms while establishing and maintaining a high level of security and compliance.
• Develop and maintain the necessary processes that enable the enterprise to implement security capabilities that are clearly aligned with the business, technology, and threat drivers.
• Develop in-depth Cloud security architecture, design and coding standards across infrastructure, application and data security.
• Drive a standardized set of Cloud security requirements that align with internal policies and meet external compliance/regulatory requirements.
• Lead adoption of security best practices and common commercial standards for cloud computing (e.g. NIST, ISO, CIS, COBIT, OWASP, etc.)
• Advise cyber operations and incident response teams on procedures and technology necessary to protect the Cloud environment from cyber-threats and data leakage.
• Assess and harden the Cloud architecture from cyber-attacks and threats.
• Performs risk and vulnerability assessments for the Cloud deployment, at regular intervals.
• Provide Cloud product security related coaching and mentoring to elevate security expertise of development and operations teams.
• Provide security and compliance subject matter expertise on Cloud applications and platforms (IaaS, PaaS, SaaS).
• Review new technologies for potential information security risk as part of the companys change management and architecture review processes.
• Advise and assist in Identity and Access Management (IAM) of Cloud resources, working closely with the IAM members of the security team to secure authentication to the companys Cloud resources.
• Ensure compliance of solutions to architectural standards, and in accordance with the companys security, compliance, and privacy policies.
• Stay informed on emerging cloud technologies and evaluate vendor offerings to determine best fit for business needs.
• Produce technical documents of systems and security architectures.
• Review the current enterprise Cloud architecture to identify weaknesses and opportunities for improvement using cloud solutions.
• Assist in the development and knowledge transfer to all Cyber Security Team members.
• Perform other assignments and special projects as needed.

Fuel forYou

• Coins!We offer competitive salaries and opportunities for growth. We mean it! We have an amazing Talent Development Team who create trainings for growth and job development.
• Health + Wellness- Medical, Dental, Visions and Life Insurance. Along with additional wellness support.
• The Road Ahead We offer 401k and a match component!
• Professional Development- We provide tuition reimbursement; this benefit is offered after 6 months of service.
• Give Back! We believe in community support. We know everyone gives in their own way, thats why we offer paid volunteer time-off to you to help an organization of your choice.

The GPS of our Interview Process

• First thing first, if youre interested in the role, please apply.
• A talent acquisition team member will review your resume in partnership with the hiring manager. If your experience would lend to this opportunity a recruiter willcontact you.
• We conduct in-person (ZOOM) interviews and provide additional interview information or other items needed at that time.

QUALIFICATIONS

• The ideal candidate will also have prior experience with:
• Cloud Security Compliance Frameworks and models, such as CIS, ISO, NIST, CSA CCM.
• Cloud Security Posture management (CSPM) tools such as Dome9.
• Successfully developed and implemented a security architecture for a public Cloud deployment.
• CISSP, CISA, CISM, CCSP or other relevant security related designation(s) required
• AWS Security Certification (preferred)
• AWS Solutions Architect Certifications (preferred)
• Familiarity with AWS or Azure Cloud security principles and Cloud security tools
• Working knowledge of common and industry standard Cloud app authentication (OAuth, OpenID, SAML, etc.)
• Familiarity with common web-hacking techniques (e.g., SQL Injection, XSS, CSRF, malware, phishing, etc.) and effective counter measures
• Perform cyber-threat modeling, conduct reviews of security architecture and platform/service designs
• Hands-on operational experience with common cyber security infrastructure (e.g., Firewalls, Intrusion Detection, AV, MFA, PKI, Encryption, etc.)
• Security Incident Response handling knowledge
• Excellent verbal and written communication skills, strong collaboration skills and comfortable working in a team environment.
• Perform effectively both independently and in a team environment
• Ability to manage stressful situations associated with cyber-attacks and influence technical staff regarding security, compliance and risk.
• Identify opportunities for improvement and make constructive suggestions for change
• Ability to multi-task and manage demands of multiple projects and make appropriate decisions and meet deadlines and manage changing priorities
• Familiarity with common web-hacking techniques (e.g., SQL Injection, XSS, CSRF, malware, phishing, etc.) and effective counter measures
• Broad knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), antivirus and firewalls, in addition to newer offerings such as endpoint.

Research shows that many, especially women and marginalized people, are hesitant to apply for job if they dont check every box. If you are excited about this position, and think you could have an impact here, please apply anyway, even if you dont meet every point on the job description. Wed love to hear from you. ?

Global is committed to attracting, developing and retaining a highly qualified, diverse and dedicated work force and maintains a zero-tolerance policy with respect to discrimination in its workplace. We consider applications for all positions without regard to age, ancestry, race, gender, color, religion or creed, marital status, national origin, citizenship, disability, military or veteran status, sexual orientation, gender identity and expression, genetic predisposition or carrier status, status as a victim or witness of domestic violence, sex offenses or stalking, prior record of arrest or conviction, unemployment status or any other classification or status protected by applicable state, local or federal law. If you have a disability and need an accommodation to apply, please contact our recruiting department at 781-891-4000.