Sr. MTS Architect

_Contact_:
cbustill@ebay.com

refer to Req# 47712BR

Primary Job Responsibilities
The security architect is responsible for designing and developing the eBay market place's overall security architecture to protect its information assets. Responsibilities include developing target architectures and corresponding strategies to move from the current state to the target architecture.

Responsibilities also include consulting on security posture and risk management for various technology initiatives. This involves research and familiarity with security trends, products and services.

Other day-to-day responsibilities include:

• Perform Thread modeling on Web applications, infrastructure and work with application architects, designers, engineers to develop solution architecture that mitigate security and privacy risks.
• Documenting the baseline and target business architecture using modeling techniques and tools as appropriate and at the right level of detail.
• Analyzing the gaps between the baseline and target business architecture.
• Producing work objects and deliverables contributing to a roadmap and migration plan to work towards the target business architecture.
• Assembling and maintaining the enterprise strategy and architecture for information security services, mechanisms and safeguards
• Working in active partnership with infrastructure, application, vertical architecture leaders and stakeholders to understand business requirements and develop supporting security principles and objectives that will enable the growth and evolution of eBay Marketplace business applications and our business units (and communicating those requirements to security and risk management stakeholders throughout the enterprise)
• Ensuring that required risk analysis methods are embedded across architectural programs
• Providing leadership to team members and consulting to business leaders in addressing their information risk posture
• Promoting a consistent risk vocabulary for information risk and controls and align that vocabulary with related compliance and business risk disciplines within the organization
• Coordinating with leaders responsible for Infrastructure Services, Application Services, Information Risk Governance & Compliance, Remediation and Product Engineering to justify and communicate initiatives and risk management outcomes and to ensure integrity of approach

• Virtualization security (VMware, Xen, KVM, Hyper-V)
• Hadoop security (with the focus on security model and data protection)
• Identity and access management (Federation, managing identity life cycle in large scale environment)
• Mobile Security (Securing applications developed on mobile platforms including iOS, Android, Windows Mobile, Blackberry)
• Successful candidate will possess high analytical skills and an understanding of complex data is also important requisites to be successful in this profession.
• You have the ability of thinking like a hacker
• You are very collaborative and adaptable attitude to business conditions because technology is constantly changing and with it the security requirements change
• You can Influence and lead security technology directions within and across the organization.
• You can drive change and innovation
• You can effectively communicate verbally and in writing
• You can effectively consult across a multi-functional environment
• You will drive results with an emphasis on reducing cycle time and increasing speed to market of new products

Basic Qualifications

• Bachelor's degree with a concentration in computer science, management information systems or related field or equivalent work experience
• 10+ years of Senior Level Information Security Architect experience
• Subject Matter expert within the Security Architecture area of Information Technology, Software and Internet Architecture, Network Security, Identity and Access Management, Cloud and virtualization technology.
• Familiarity with platform technologies including Big Data (Hadoop, etc), Structured Database systems including Oracle, SAN, VMWare, Xen, Hyper-V
• CISSP, CISM a plus