Enterprise Architect - Information Security

Full Time
Issaquah, WA
Areas of Interest: Systems Security Architecture
Overview
The Enterprise Security Architect plays an integral role in defining and assessing the organization's security strategy, architecture and practices. The Enterprise Security Architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.

Tasks and responsibilities

  • The enterprise security architect will be required to translate complex security-related matters into business terms that are readily understood by colleagues. The enterprise security architect should anticipate presenting analyses in person and in written formats to senior leadership
  • The enterprise security architect must interpret business, technology and threat drivers, and develop practical security roadmaps to deal with these drivers
  • Demonstrate flexibility within a variety of changing situations, while working with individuals and groups. Change own ideas or perceptions in response to changing circumstances, alter standard procedures when necessary, and multitask when required
  • Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers
  • Develop security strategy plans and roadmaps based on sound enterprise architecture practices
  • Develop and maintain security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations
  • Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts
  • Participate in application and infrastructure projects to provide security-planning advice
  • Draft security procedures and standards to be reviewed and approved by executive management and/or formally authorized by the VP of Information Security and Compliance  
  • Determine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, and identity and access management (IAM)
  • Develop standards and practices for data encryption and tokenization in the organization, based on the organization's data classification criteria
  • Conduct or facilitate threat modeling of services and applications that tie to the risk and data associated with the service or application
  • Ensure a complete, accurate and valid inventory of all systems, infrastructure and applications that should be logged by the security information and event management or log management tool
  • Establish a taxonomy of indicators of compromise (IOCs) and share this detail with other security colleagues, including the Information Security VP, directors, managers and analysts, as well as counterparts within the network teams
  • Coordinate with our future DevOps teams to advocate secure coding practices
  • Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
  • Validate security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems
  • Review network segmentation to ensure least privilege for network access
  • Liaise with the internal audit (IA) team to review and evaluate the design and operational effectiveness of security-related controls
  • Review security technologies, tools and services, and make recommendations to the broader security team for their use, based on security, financial and operational metrics
  • Liaise with other security architects and security practitioners to share best practices and insights
  • Research and evaluate new tools and technologies, and stay abreast of new developments in the technology and retail industry
  • Serve in a technology advisory capacity, engaging with the business to "solve" business problems via technology and process innovation relative to IT capability requirements
  • Participate in the PCI and SOX compliance process, and follow their standards in architecting solutions
  • Provide technology thought leadership - assessing priority of new project requests toward ensuring added value, promoting our business strategies and/or advancing our technology

Required skills, abilities, and certifications

  • Minimum of ten years in an engineering and architectural role
  • Experience in using architecture methodologies such as SABSA, Zachman and/or TOGAF
  • Direct, hands-on experience or strong working knowledge of managing security infrastructure — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology
  • Verifiable experience reviewing application code for security vulnerabilities
  • Direct, hands-on experience or a strong working knowledge of vulnerability management tools
  • Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services
  • Full-stack knowledge of IT infrastructure:
    • Applications
    • Databases
    • Operating systems — Windows, Unix and Linux
    • Hypervisors
    • IP networks — WAN and LAN
    • Storage networks — Fibre Channel, iSCSI and NAS
    • Backup networks and media
  • Direct experience designing IAM technologies and services:
    • Active Directory
    • Lightweight Directory Access Protocol (LDAP)
    • Cloud IAM
  • Strong working knowledge of IT service management (e.g., ITIL-related disciplines):
    • Change management
    • Configuration management
    • Asset management
    • Incident management
    • Problem management
  • Regulations, Standards and Frameworks:
    • Payment Card Industry Data Security Standard (PCI-DSS)
    • HIPAA-HITECH
    • Validated Systems (e.g., GAMP)
    • Sarbanes-Oxley
    • General Data Protection Regulation (GDPR)
    • Privacy Practices
    • ISO 27001/2
    • NIST Cybersecurity Framework (CSF)
    • ITAR




Costco Wholesale

Costco Wholesale is a multibillion dollar global retailer with warehouse club operations in 10 countries. We are the recognized leader in our field, dedicated to quality in every area of our business and respected for our outstanding business ethics. Despite our large size and rapid international expansion, we continue to provide an atmosphere in which our employees thrive and succeed.

If you are an ambitious, energetic person who enjoys a fast-paced team environment filled with challenges and opportunities, you've come to the right place. Our successful employees are service-oriented with integrity and commitment toward a common goal of excellence. Costco offers great jobs, great pay, great benefits and a great place to work.


Specialties
Retail, Merchandising, Operations, E-commerce, and Travel

What Are You Looking For in a Career?
  • Exciting opportunities
  • Career growth
  • Friendly and supportive work environment
  • Stability
  • A workplace focused on ethics and obeying the law
  • Great benefits
Company Industry: Retail
Company Size: 10,001+