Mitek (NASDAQ: MITK) is a global leader in digital & biometric identity authentication, fraud prevention, and mobile deposit solutions. Our verified identity platform and advanced image capture solutions are built on the latest advancements in biometric recognition, artificial intelligence, computer vision and machine learning, and trusted by over 7,500 organizations worldwide. We are headquartered in San Diego, California, with operations in the United Kingdom, Spain, France, Mexico, and the Netherlands. Visit us at www.miteksystems.com.
At Mitek, we believe that teams are stronger and more innovative when they have the range of opinions and perspectives that come from diversity. Very simply, we know that diversity is a foundational strength for our organization. A diverse workforce makes for stronger teams as a wider breadth of thinking and experience broadens the power of our collective mind. Building stronger teams is foundational to serving our customers comprehensively, innovating our products and solutions, and enabling more impactful decision-making across our business.
We are Virtual 1st! Whether you choose to work remotely from your home office or in-person from one of Mitek’s offices, our practices, processes and tools are designed to enable your success. At Mitek, the Future of Work is about flexibility and preference wherever and whenever we are working.
Mitek is seeking a senior-level Security Architect to join our global IT & Security team and lead the design, implementation, and maintenance of our cybersecurity architecture from the ground up. Our identity verification and mobile deposit products transact with large amounts of Personally Identifiable Information (PII), demanding a comprehensive cybersecurity maturity model to protect our products, customers, and the millions of consumers utilizing our products every day.
We want you to be a cybersecurity expert with experience developing security strategy, capability models, and security frameworks in a large, product-driven organization. You should be able to confidently demonstrate your skills in product operations security, cloud (AWS) security, and red teaming. You should understand heavy compliance needs and requirements, especially in direct relation to product security design and product operations security to call out PII risks.
What you'll do
- Conduct product design & architecture reviews with product managers and engineering teams.
- Conduct vulnerability assessment on infrastructure and testing (SAST, DAST) on company’s products and provide recommendations for improvements.
- Conduct vendor assessments for supply chain security.
- Oversee external pen testing engagements. Remediation coordination.
- Assist Compliance in meeting security standards (ISO, SOC2, PCI etc.)
- Work with cross functional teams from Product, IT, Engineering and Compliance to establish strategy, controls and plans.
- Enhance security team accomplishments and competencies by planning the delivery of solutions and answering technical questions.
- Plan, research, and design security architecture for IT systems in cloud and on-prem.
- Determine security protocols by evaluating business strategies and requirements.
- Respond to and investigate security incidents and provide thorough post-event analyses.
- Review system security measures and implement necessary enhancements.
- Verify security systems by developing and implementing test scripts.
- Maintain current, up-to-date knowledge and best practice through emerging security practices and standards, participating in educational opportunities, reading professional publications, and participating in professional organizations.
What you need
- Associates degree or higher in computer science, IT, or a related field
- Knowledge and skills typically associated with 8+ years’ experience in IT risk management and information security.
- Strong working knowledge of IT risks, cyber security, and computer operating software.
- Advanced understanding of security protocols, cryptography, and security (AES, encryption keys, certificates)
- Certifications preferred (CEH, CISSP, CISA)
- Expert in SIEM, IDS/IPS, Firewalls, VPNs and endpoint protection tooling.
- Skilled at using security tools such Metasploit, Kali Linux, Wireshark etc.
- Should have advanced understanding of security/compliance standards SOC, ISO, PCI-DSS, Fed Ramp, NIST, CIS etc.
- Expert in designing security tools and protocols for secure handling of PII data sets in a global setting.
- Good understanding of Azure and AWS security. Certifications preferred.
- Experience implementing multi-factor authentication.
- Understanding of Linux operations
- Knowledge of Kubernetes and experience with containers and container-based infrastructure at scale.
- Knowledge and applied use of coding/scripting in Python and Bash.
$130,000 - $170,000 a year
We are proud to offer competitive salary ranges aligned to industry standards. Please note that our ranges are representative and individual compensation specifics may vary based upon experience level, professional competencies and geographic differentials.