Staff Security Architect

Collectors is the leading creator of innovative technology that provides value-added services for collectors worldwide. We grade, authenticate, vault and sell millions of record-setting collectibles, all while modernizing and digitalizing the process to further our mission of helping collectors pursue their passions. We're always on the lookout for talented people to join our growing team. Our services span collectible coins, trading cards, Funko Pops!, video games, event tickets, autographs, and memorabilia. Our subsidiaries include PSA, PCGS, WATA, Card Ladder, Goldin, and the Long Beach Expo collectibles trade show.Since our founding in 1986, we have graded and authenticated millions of items. We employ more than 1,700 people across our headquarters in Santa Ana and offices in Jersey City, Seattle, Hong Kong, Paris, Shanghai, and Tokyo. We're transforming the collecting experience with technology that brings authentication, grading, and trading into the modern era. Our products are equalizing the playing field by providing tools that make complex research analytics — including pricing, scarcity reports, and historic sales data — accessible to every collector, old or new. Our engineering mission is to democratize technology while promoting innovation, collaboration, and continuous learning throughout the organization. We're seeking engineers to utilize advanced technology in agile settings, with a focus on improving the customer experience for every collector. Collectors Cybersecurity team is committed to utilize cybersecurity, risk and privacy best practices on our platforms, leveraging signal intelligence and observability at scale to protect our customers, employees and our brand.As a "hands-on" Security Architect, you will develop and deliver operational security solutions, automations, and services to keep Collector's platforms and services secure. You will work with teams across Collectors to understand the technology team's security and compliance needs, select and build tools, create processes and train colleagues to deliver a broad portfolio of projects and services. You'll leverage practical DevOps experience to deploy and maintain security tooling (both open source and commercial) to improve our security posture. You'll focus on wide-ranging, cross-functional security infrastructure projects that improve our overall security capability and reduce security friction across the organization. You will be a go-to resource for architectural consultation and will provide guidance for both internal and external teams in secure infrastructure deployment and fortification practices. Understanding the methods and techniques of the organization's security adversaries, you will find and foresee critical vulnerabilities in the operational environment and work to mitigate or eliminate them entirely.You'll report to the VP of Cybersecurity and work from our Santa Ana, CA office. Remote or hybrid candidates will also be considered.We believe that there is significant value in in-person collaboration. If you live within a 1 hour commuting distance to one of our offices, you will be required to be onsite most of the time. This will be discussed further as part of the recruiting process.What You'll Do:Design, develop, deploy, maintain, and support cybersecurity frameworks, automations, and solutions using various commercial, open source, and internally developed tools using languages or environments such as Bash, Go, Python, Jupyter Labs, Rust, Java, VRL, etc.Design, develop, deploy, maintain, and support data repository and analytics solutions using Vector, SQL relational databases, AWS S3, Athena, Spark, Apache Iceberg, and other cloud solutions.Provide technical guidance  for automated, effective, and efficient security operational environments (networks, systems, processes, cloud) with sound security architecture practices and novel mitigation strategies.Evolve Collector's Universe security benchmarks, standards, and response method.Develop a framework for analysts and operation engineers to proactively communicate security best practices, findings, and recommendations to customers.Provide technical expertise for security and compliance tool selection, process definition, automation creation, and staff training.Work with IT, Cloud, DevOps to effectively and efficiently manage security monitoring, tuning, detections, hunting, and incident response.Partner with the other engineering teams to deliver seamless security operations and engineering services to critical Collectors' business lines.Establish credibility throughout the organization by earning the reputation for being a proactive leader and change agent.Utilize DevOps skillet (Ansible, Terraform, Docker, Kubernetes, GitHub, CI/CD tooling) to deploy and maintain core security tooling (open source and commercial).Produce, compile and maintain  technical documentation of security services for internal teams.Improve current security capabilities and anticipate future security threats and trends leveraging cyber threat intelligenceConsult with our security compliance team during security audits in order to demonstrate architectural security capabilities.Effectively manage cross-functional internal and external team collaboration, and communications.Respond to and assist with due diligence and internal / external audit requests.Assist security operations engineers with automation projects covering detection, response, and fortification needs.Able to threat hunt, automate mundane security tasks and when required find the root cause of security incidentsBe a  subject matter expert in the organization's infrastructure and architecture.Who You Are:10+ years in a security-related field, providing a blend of architectural leadership and hands-on expertise as a hands-on Security Architect.5+ years of experience working with AWS cloud compute environments, security engineering, security operations, DevSecOpsExtensive knowledge of Information Technology particularly those areas related to Information Security, engineering, architecture, monitoring, threat detection, vulnerability management, EDR, DLP, cyber threat intelligence, and configuration & tuning.Be passionate in the pursuit of securing Collectors' data and critical assets, staying well-informed on adversary behavior. Able to work in a remote team and be proactive rather than reactive.Demonstrated expertise and experience with advanced and 0-day threats, intrusions, malware infection, packet analysis, and associated Tactics, Techniques and Procedures (TTP)Extensive IaaS experience (AWS-preferred, Azure, GCP), protocols, tools, and technologies. Deep understanding of current industry infrastructure standards and practices, along with a process oriented background.Capable of leveraging Devops approach to solve practical day-to-day security automation challenges using languages such as Python, Bash, Go, Ansible, GitHub, etc.Thorough understanding of networking and system administration.Familiarity with major compliance frameworks including PCI, NIST, ISO, SOX, with experience performing or assisting in audits.Bachelors in CS, Cybersecurity or related fields and certifications such as GCIH, CISSP, or any other professional or Specialty AWS certification (e.g., AWS Solutions Architect Professional, DevOps Engineer Professional, or Security Specialty) is good to haveThe salary range for this position is $160,000-$250,000. Actual compensation on this range varies based on a variety of non-discriminatory factors, including location, job level, experience, and skill set.Reasons To Join Us: Health Insurance: All full-time employees are eligible to enroll in Medical, Dental, and Vision 401(K) Matching Plan: We are proud to offer a competitive 401k matching plan to our employees to support their future financial goals Vacation: All full-time employees are eligible for a flexible paid vacation Holiday Pay: All regular, full-time employees are eligible for nine company paid holidays  .Employee Discounts: Employees receive discounts on select grading services for approved submissions Flexible Hours: Many of our teams offer flexible schedules with varying shifts and will work with you to accommodate your needs Fun Working Environment: Our team members are invited to participate in celebrations, holiday events, and team building activitiesCandidates must be authorized to work in the United States.