Sr Architect - Cyber Security

Apply now

Date: Sep 4, 2021

Location: Las Vegas, Nevada, US

Company: Las Vegas Sands Corp.

Position Overview

The primary responsibility of the Sr Architect – Cyber Security is to evaluate, maintain, and improve the confidentiality, availability, and integrity of the LVSC IT systems. The role will serve as a security consultant for internal systems, often designing, comparing vendor products, developing business cases, implementing, deploying and overseeing the transfer into production. 
All duties are to be performed in accordance with departmental and Las Vegas Sands Corp.’s policies, practices, and procedures.  
 

Company Standards of Conduct

All Las Vegas Sands Corp. Team Members are expected to conduct and carry themselves in a professional manner at all times. Team Members are required to observe the Company’s standards, work requirements and rules of conduct.

Essential Duties & Responsibilities

  • Support development of cyber security requirements for software or applications.
  • Integrate cybersecurity into Software Development Lifecycle’s (SDLC) associated with multiple development areas.
  • Develop and embed cybersecurity processes such as; threat modeling and risk assessment into the SDLC.
  • Support the definition of cybersecurity as it is appliable to appropriate technology and workflow to coding standards.
  • Communicate all cybersecurity concepts and guidelines to development team.
  • Embed cybersecurity processes into the development team.
  • Provide technical guidance and coaching to developers and engineers as it relates to cybersecurity.
  • Work with the quality assurance teams to ensure that software code is free from security defects and vulnerabilities.
  • Experience development of application programming interfaces and working with them to support applications and services.
  • Experience with container security with an understanding on how to develop alerting mechanisms to alert when security issues arise.
  • Ensure that all cybersecurity requirements have been met prior to production release.
  • Facilitate implementation of cybersecurity monitoring processes to include implementation and configuration of the Cloud Access Security Broker as well as Security Incident and Event Management monitoring capabilities.
  • Develop threat and risk use cases to be applied to analyze alerts and events that the global Cyber Security Operations Center might see.
  • Support development of incident response exercises to support development of approaches to respond to use case driven alerts and incidents.
  • Proven experience as software architect, with a good understanding of cybersecurity functions as it relates to software development.
  • Actively seek ways to improve business software processes and interactions.


Additional Responsibilities:

  • Perform security architecture design reviews of our products (primarily cloud)
  • Perform code analysis of large applications, manually and using SAST and DAST scanning solutions as well as conducting vulnerability analysis
  • Provide remediation guidance and recommendations to developers and administrators
  • Work with Product Development teams to help prioritize and validate urgency of mitigation of identified product vulnerabilities and security feature enhancement requests
  • Experience working with development teams to build secure solutions
  • Experience breaking down complex systems and applications to find flaws
  • Proficiency in reading, writing, and auditing Golang, or JavaScript and the ability to pick up new languages/technologies
  • Strong familiarity with common vulnerabilities and attack vectors
  • Knowledge of web service technologies, load balancer services (i.e. Nginx, Cloudflare, F5, etc.) and RESTful APIs
  • Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL, etc.) and common authentication protocols (OpenID Connect, OAUTH, SAML, RADIUS, LDAP, KERBEROS, etc.)
  • Solid understanding of secure network and system design in both cloud (AWS, Azure, etc.) and conventional environments
  • Experience as an Application/Product Security Engineer, Architect or Developer
  • A background integrating security testing into the SDLC (preferably the SCRUM framework)

Minimum Qualifications

  • 21 years of age.
  • Proof of authorization to work in the United States 
  • Bachelor’s degree in Computer/ Information Science preferred or equivalent work experience.
  • Must be able to obtain and maintain a Nevada Gaming Control Board Registration and any other certification or license, as required by law or policy.
  • 2 or more years of experience in a cyber security architect role or at least 8 years related field work experience with 4 or more years of experience in a cyber security role.
  • Demonstrated experience working with technical and non-technical staff.
  • Basic knowledge of a broad range of IT Security, Controls and Service Delivery standards and frameworks for example, International Standards Organization (ISO) 27001, IT Infrastructure Library (ITIL), Control Objectives for IT (CoBIT), and Capability Maturity Model Integration (CMMI).
  • Experience with Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure or other cloud platforms, with experience in developing and implementing software.
  • 5-7 years of experience designing and implementing software applications.
  • Professional programs certification in C#, .NET, Java etc. and others is strongly recommended.
  • Professional program certification in cybersecurity and others is recommended.
  • Experience developing software utilizing various coding languages including Java, C++, PHP and more.
  • Demonstrated knowledge of web applications, cybersecurity and open-source technologies.
  • Outstanding collaboration and communication skill are essential.
  • Experience overseeing customized development of processes for multiple projects simultaneously.
  • Professional experience analyzing code for weaknesses and errors and overseeing plans to improve them.
  • Safety is an essential function of this job. 
  • Consistent and regular attendance is an essential function of this job.
  • Performs other related duties as assigned.
  • Ability to execute multiple projects and tasks under tight deadlines.
  • Provide off-hours support on an infrequent, but as needed basis. (Potential shifts may run 24/7 due to the need of the business).
  • Strong interpersonal skills with the ability to communicate effectively with guests and other Team Members of different backgrounds and levels of experience. 
  • Must be able to work varied shifts, including nights, weekends, and holidays.
     

Physical Requirements

Must be able to:

  • Lift or carry 20 pounds, unassisted, in the performance of specific tasks, as assigned.
  • Physically access all areas of the property and drive areas with or without a reasonable accommodation.
  • Maintain composure under pressure and consistently meet deadlines with internal and external customers and contacts.
  • Ability to interact appropriately and effectively with guests, management, other team members, and outside contacts.
  • Ability for prolonged periods of time to walk, stand, stretch, bend and kneel.
  • Work in a fast-paced and busy environment.
  • Work indoors and be exposed to various environmental factors such as, but not limited to, CRT, noise, dust, and cigarette smoke. 
     


Job Segment: Architecture, Cyber Security, Developer, Cloud, Security, Engineering, Technology

Apply now
Share this Job