Security Architect, Cloudflare
Apps/Software
Web performance and security platform
Open for applications
Web performance and security platform
1001+ employees
Open for applications
1001+ employees
Company mission
Cloudflare's mission is to help build a better Internet that is bold and ambitious.
Role
Who you are
- 10+ years of experience in an IT/Security related field, 5 of which as a security architect
- In-depth understanding of security concepts
- Understand how business, engineering, IT, and security processes align, and how to research, test, and implement solutions to complex objectives
- Able to anticipate challenges and steer the company towards growth
- In depth knowledge of the following:
- Analyzing and fixing errors in software and applications, designing new programs, and providing support to existing software applications
- Making application security part of the overall design and architecture of an application rather than introducing security later in testing
- Secure Software Development Lifecycle Requirements
- Using a secure software development lifecycle at all stages of development
- Identify threats, facilitate appropriate risk responses, plan for countermeasures, and guide security testing for each sprint planning or design change with threat modeling
- Ensure all user stories and features include functional security constraints
- Verify justification and documentation of all application components, trust boundaries, and significant data flows
- Define application’s high-level architecture and each remote service connected and verify security analysis
- Verify implementation of centralized, reusable, secure, simply designed, and vetted security controls to avoid duplicate, ineffective, missing, or insecure controls
- Verify security requirements, guidelines, coding checklist, or policy is available to all developers and testers
- Access Control Architectural Requirements
- Input and Output Architectural Requirements
- Cryptographic Architecture Standards
- Errors, Logging, and Auditing Architecture
- Communications Architecture
- Business Logic Architecture
- Malicious Software Architecture
What the job involves
- As an Enterprise Security Architect you will play a key role in effectively designing defensible network architectures, defensible builds & configurations, security platforms and automation, assisting in secure tool and product development, and will help establish security standards and guidelines across the enterprise
- This role will lead security project work with technology peers for successful delivery and coach technology staff on appropriate security standards, processes, protocols and needs as they implement new technology into the organization
- Works out and designs complex security solutions
- Leads projects to implement secure enterprise systems and identifies issues that could compromise data integrity or security
- Develops security policies, procedures, and guidelines and recommends necessary changes to a given project team to ensure the company’s systems are fully compliant with all applicable regulatory requirements and privacy laws
- Creating and implementing enterprise security architecture models
- Utilizes open communication and managerial courage to ensure the standards, expectations and goals of the organization are respected and upheld
- Serving as an advisor to engineering and development teams in security best practices and design
- Leads security-related projects from inception to successful completion and is capable of effectively coaching technology staff on appropriate security protocols and needs as they implement new technology into the organization
- Works on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors
- Determines methods and procedures on new assignments and may coordinate activities of other personnel
- Having wide-ranging experience, uses professional concepts and company objectives to resolve complex issues in creative and effective ways
- Exercises judgment in selecting methods, techniques and evaluation criteria for obtaining results
- Ensures an organization's security strategy is aligned with companies business goals
Our take
Cloudflare is a multi-service global network that provides web security and infrastructure, DDoS mitigation services, and a content delivery network. Founded in 2009, Cloudflare has risen to become an industry giant, with around 25 million global internet properties on its network.
Cloudflare has been responsible for a number of admirable initiatives, offering free web protection to human rights groups, journalists, artists, and US election websites. This goes some way to counteracting the flak Cloudflare has received in some circles for the controversial groups and users who use its services. This chequered history, however, has not affected its over 80% market share in the content delivery network field.
This is perhaps in part because it has proven sharp at staying abreast of the rapidly morphing tech and digital space and customer demands. For example, Cloudflare is shifting to 100% renewable energy usage to create a zero-emissions internet, and in 2020 released a feature that would help users navigate data privacy regulations by selecting where their data is stored.
The cloud infrastructure market reached $53 billion in 2022. While the Big 3 (Amazon, Microsoft, and Google) own 65% of the market, that still leaves billions of dollars left for companies such as Cloudflare. Its ambitious and successful work is likely to continue being a crucial feature of the web, but in 2023, placed it in the crosshairs of hackers looking to exploit its infrastructure. The beginning of 2024 saw Cloudflare vow to bolster its security and patch vulnerabilities.
Steph
Company Specialist
Insights
Some candidates hear
back within 2 weeks
16% employee growth in 12 months
Company
Company benefits
- Minimum 8 weeks of paid parental leave
- Equal opportunity employer
- Unlimited paid time off policy
- Work from home opportunities
- Medical, Dental & Vision Insurance
- Life Insurance, Disability Insurance
- 401(k) plans
- Family planning and fertility program
- Gym discounts
- Commuter Benefits Program
Company values
- Principled - We create our products and features with a global mindset and democratize important and innovative technologies that drive adoption of the latest standards
- Curious - Our team is made up of pioneering innovators that approach new challenges with interest and a desire to learn
- Transparent - We hold ourselves accountable when we make mistakes—and we do everything we can to learn from them
Company HQ
China Basin, San Francisco, CA
Articles
Leadership
Lee Holloway
(Lead Engineer)Lee started their career as an Engineer at Homewarehouse for a year before working at Unspam Technologies for 4 years. They co-created Project Honey Pot in 2004 and Cloudflare in March 2009, serving as Lead Engineer of both to present.
Michelle Zatlyn
(President & COO)Having worked for Investor Economics and I Love Rewards for a combined 4 years, Michelle worked at Toshiba for 3 years as a Product Manager. She then co-founded Cloudflare in 2009 as COO, and has served as President since 2020. She is also a Board Member at Atlassian.
Matthew Prince
(CEO)Matthew studied for an MBA at Harvard Business School before co-founding Unspam Technologies in December 2001, and Cloudflare as CEO in March 2009.
Share this job
View 111 more jobs at Cloudflare