Principal Engineer/Security Architect - Product Security Architecture/Cloud Security Architect /SecDevOps

FICO (NYSE: FICO) is a leading global analytics software company, helping businesses in 100+ countries make better decisions. Join our world-class team today and fulfill your career potential!

The Opportunity 

"As a trusted Product Security Architect for FICO’s products and applications, you will lead cyber security products initiatives throughout project lifecycle, Business development, Presale, Scoping, Design and Ongoing operations . You will help us ensure FICO's products meets our customer, business and technical needs by leveraging FICO assets, cyber security standards and industry best practices. As a part of FICO’s highly modern and innovative ecosystem, you will help shape the next generation security for FICO’s products by addressing cutting edge security challenges in a highly automated, complex, cloud & microservices driven environment inclusive of design challenges and continuous delivery of security functionality and features to the FICO platform as well as the AI/ML capabilities used on top of the FICO platform." - Cyber Security-Senior Director

What You'll Contribute 

• Responsible for full-stack security architecture design from cloud infrastructure to application features that FICO customers use daily through the implementation of "secure by design" principals.

• Work closely with product managers, architects, and developers on the implementation of the security controls within the FICO Platform ecosystem and products.

• Proof security implementations within infrastructure & application deployment manifests and the CI/CD pipelines.

• Define required policies, controls, and capabilities for the protection of FICO products and environments.

• Build & validate declarative threat models automation.

• Be a part of engineering team’s product planning cycles and committees.

• Oversee Security aspects of Analytical Model Life Cycle.

• Oversee the migration of products, services from FICO Data Center to public cloud e.g., AWS from Product Security side.

What We're Seeking

• In-depth experience with architecting secure services on Kubernetes (preferably AWS EKS).

• Extensive experience with architecting secure services on AWS or on-prem data centers.

• Experience in analyzing and securing microservices and applications developed using JAVA, and Python.

• Experience with CI/CD pipelines (such as Bitbucket, Jenkins, JFrog) and infrastructure-as-a-code models (such as Terraform, or Helm or Cloudformation).

• Experience in securing Observability capabilities, Asynchronous APIs, Event Driven Architecture.

• Experience with docker and mesh technologies (such as ISTIO).

• Experience with security architecture of complex platform and products.

• Experience with architecture and security reviews, threat modeling and applications risk.

• Capability of articulating complex architectural challenges in a consumable way for the business leadership and product management teams.

• Knowledge of ML / AI model security and …