Security Architect - SaaS Security Architect - SaaS …

Two Sigma Investments, LLC
in New York, NY, United States
Permanent, Full time
Be the first to apply
Two Sigma Investments, LLC
in New York, NY, United States
Permanent, Full time
Be the first to apply
Security Architect - SaaS
Two Sigma is a different kind of investment manager. Since 2001, we have used data science and technology to derive insights that forecast the future and discover value in markets worldwide. Our team of scientists, technologists and academics looks beyond traditional finance to understand the bigger picture and develop creative solutions to some of the world's most difficult economic problems. Our work spans markets and industries, from insurance and securities to private investments and new ventures.

The Cloud Security team partners closely with our stakeholders through the design, development and implementation of initiatives that span various cloud provider platforms, in order to incorporate a robust security posture from the outset to accelerate innovation across the firm. This is a highly visible role with impact across many lines of business, each with distinct threat models, risks and technologies. This presents opportunities to own relationships with engineering and business partners, become the leader of this key element of our security posture, and build trust and credibility to help define and guide the roadmap for adoption of SaaS services across our various businesses. Success for this role will be defined through demonstrated ownership leadership of the SaaS technology area and associated tooling, contributions to the Cloud Security team's knowledge, tools, products, and documentation, as well as teaching and advising our partners. This role will entail building relationships with business partners, becoming their first point of contact and trusted advisor for security questions and guidance in their initiatives.

You will take on the following responsibilities:

The Cloud Security Architect will report to the manager for Cloud Security and will partner with a number of internal and affiliate businesses. Our work is fluid and dynamic, and on any given day this role could be engaged in any of the following tasks:

  • Assessing security risks associated with Software-as-a-Service (SaaS) providers and recommending requisite controls and guidance to meet the risk tolerance of the business

  • Defining security policies for the appropriate configuration and implementation of security controls native to these SaaS platforms and validating compliance with these policies

  • Evaluating supplementary controls such as Cloud Access Security Broker (CASB) solutions, and crafting policies and configurations for these solutions to complement and enhance the firm's security posture when leveraging SaaS solutions

  • Fulfil the role of a trusted security advisor to affiliate businesses that heavily utilize SaaS platforms

You should possess the following qualifications:

  • 3 years of experience conducting third-party reviews and risk assessments of SaaS services and vendors

  • 3 years of experience designing, reviewing or implementing security controls and policies for one of more of the following platforms:

    • Google G Suite

    • Microsoft Office365

    • Any of the prominent Cloud Access Security Broker technologies

You will enjoy the following benefits:

  • Core Benefits: Fully paid medical and dental insurance premiums for employees and dependents, 401k match, employer-paid life & disability insurance
  • Perks: Onsite gyms with laundry service, wellness activities, casual dress, snacks, game rooms
  • Learning: Tuition reimbursement, conference and training sponsorship
  • Time Off: Generous vacation, sick days, and paid caregiver leaves

We are proud to be an equal opportunity workplace. We do not discriminate based upon race, religion, color, national origin, sex, sexual orientation, gender identity/expression, age, status as a protected veteran, status as an individual with a disability, or any other applicable legally protected characteristics.