Security Architect

The Security Architect is a key member of the Hertz Global Information Security & Compliance organization. Lead role for maintaining a cyber security architecture program, standards, and security technology effectiveness. Consults on security for all Hertz technology projects, identifies risks, and contributes to the architecture of each project.

What You’ll Do:

Develops and maintains a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with cloud, business, technology, and threat drivers.

Develops security strategy plans and roadmaps based on sound enterprise architecture practices.

Creates and maintains security architecture artifacts (i.e., threat models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.

Determines baseline security configuration standards for operating systems (i.e., CSPM, OS hardening) network segmentation.

Develop strategy for monitoring and managing Hertz external attack surface.

Develops standards and practices for data encryption and tokenization within Hertz, based on data classification criteria.

Drafts security procedures and standards to be reviewed by executive management and/or formally authorized by the Chief Information Security Officer.

Establishes a taxonomy of indicators of compromise (IOC’s) and shares this detail across the Hertz Cyber Security and Compliance organization, as well as counterparts within the Technology organization.

Tracks developments and changes in the Hertz digital business and threat environments to ensure they are adequately addressed in security strategy plans and architecture artifacts.

Validates IT infrastructure and other reference architectures for security best practices and recommends changes to enhance security and reduce risks, where applicable.

Validates security configurations and access to security infrastructure tools, including firewalls, IPS, WAF, and endpoint protection systems.

Conducts and participates in threat modeling of services and applications that tie to the risk and data associated with the service or application.

Coordinates with legal and compliance teams to document data flows of sensitive information within Hertz and recommends controls to ensure that this data is adequately secured.

Reviews security technologies, tools, and services, and makes recommendations to the broader security team for their use, based on security, financial, and operational metrics.

Liaises with other security architects and security practitioners to share best practices and insights.

Partners with internal audit to review and evaluate the design and operational effectiveness of security-related controls.

Drive optimal cyber security services to complete resolution according to security SLA’s.

Handle all private information with discretion and keep sensitive information private.

Partners with the enterprise architecture team to ensure all architectural artifacts are aligned with Hertz enterprise architecture strategies.

Excellent teamwork competencies, seeks out opportunities to partner with all stakeholders.

Mentors' junior security staff.

What We’re Looking For:

Bachelor's degree in computer science, MIS, or related field or equivalent experience.

7+ years of Information Security experience required, preferably in a global Fortune 500 corporation.

Applied knowledge of multiple security architectures to include cloud security.

Experience with the Network Security architecture methodologies.

Experience with STRIDE threat assessment methodologies.

Experience with a wide range of enterprise common security platforms, endpoint security, vulnerability management, etc.

Experience with network analysis tools.

Experience with edge security tools such as Imperva, Zscaler, and AWS WAF

Experience with securing cloud technology such as AWS

Experience using security tools such as Wiz.io

Experience automating processes using cloud tools such as AWS Lambda

Experience scripting in python, PowerShell, etc.

Deep expertise in security architecture.

Capable of working under pressure in a continually changing fast paced environment.

Ability to effectively collaborate with stakeholders across a global environment.

Strong written and verbal communication skills.

Strong analytical and problem-solving skills.

Certifications desired: AWS Solutions Architect, AWS Security Specialty, Certified Information Systems Security Professional, (CISSP) Certified Ethical Hacker, (CEH) GIAC Security Essentials Certifications, GIAC Certified Intrusion Analyst, Global Information Assurance Certification.

Ability to influence

Flexible and adaptable; ability to work effectively in ambiguous situations

Excellent verbal and written communication skills

Results driven, ability to make decisions and help solve problems

Ability to work under minimal supervision with a goal-oriented mindset.

Ability to see the big picture and leverage critical thinking and decision-making skills.

Excellent organization, time management, delegation, and prioritization skills.

What You’ll Get:

Up to 40% off the base rate of any standard Hertz Rental

Paid Time Off

Medical, Dental & Vision plan options

Retirement programs, including 401(k) employer matching

Paid Parental Leave & Adoption Assistance

Employee Assistance Program for employees & family

Educational Reimbursement & Discounts

Voluntary Insurance Programs - Pet, Legal/Identity Theft, Critical Illness

Perks & Discounts –Theme Park Tickets, Gym Discounts & more

The Hertz Corporation operates the Hertz, Dollar Car Rental, Thrifty Car Rental brands in approximately 9,700 corporate and franchisee locations throughout North America, Europe, The Caribbean, Latin America, Africa, the Middle East, Asia, Australia and New Zealand. The Hertz Corporation is one of the largest worldwide airport general use vehicle rental companies, and the Hertz brand is one of the most recognized in the world.

At Hertz, we champion and celebrate a culture of diversity and inclusion. We take affirmative steps to promote employment and advancement opportunities. The endless variety of perspectives, experiences, skills and talents that our employees invest in their work every day represent a significant part of our culture – and our success and reputation as a company.

Individuals are encouraged to apply for positions because of the characteristics that make them unique.

EOE, including disability/veteran