Architect, InfoSec

Company Overview

Come join a higher calling and find a deeper purpose!   

As a multi-national Artificial Intelligence Technology Company, we are at the epicenter of the Autonomous Vehicle Universe. Our breakthroughs are leading the industry in autonomous trucking.  

While inventing the framework of Autonomous Driving, our current fleet of autonomous Trucks are helping communities receive much-needed supplies and medical equipment around the clock.   Our people are some of the most talented engineers and contributors who are leaving behind a historic legacy.  

TuSimple was founded half a decade ago with the goal of bringing the top minds in the world together to achieve the dream of a driverless truck solution. With a foundation in computer vision, algorithms, mapping, and Artificial Intelligence, TuSimple is working to create the first global commercially viable Autonomous Freight Network

REQUIREMENTS:

• Computer and Information Science, Computer Engineering, Information CyberSecurity, Information Technology, Management Information Systems
• Certified Information Security Systems Professional (CISSP)
• CompTIA Security AWS Certified Cloud Practitioner, AWS Certified Solutions Architect - Associate/Professional, AWS Developer Associate, AWS DevOps Engineer Professional, AWS Security Specialty, AWS Advanced Networking
• Experience with secure software development, data protection, cryptography, key management, identity, and access management (IAM), network security (VPNs) 
• Created and maintained security policies and procedures, managing the protection of information systems and assets
• Lead Cyber Risk teams as part of Cloud Transformation projects 
• Demonstrates extensive abilities and/or a proven record of success as an infosec architect
• Leading, coaching, and building teams of technology and security professionals and acting as the accountable point person for overall team performance;
• Demonstrates extensive abilities and/or proven record of success in cybersecurity experience in delivering technical solutions across the environment
• Demonstrating knowledge of common cybersecurity and privacy frameworks, including but not limited to NIST CSF, CIS Top 20, ISO27001/2, HIPAA/HITRUST, OWASP Top 10, MITRE ATT&CK, FedRAMP, GDPR, CCPA, PCI DSS;
• Architecting, engineering, and/or operational management of core cybersecurity functions
• Experience with DevSecOps that 
• Ensure DevSecOps systems we build are robust in the sense they can scale, handle rapid growth, and limit exposure to single points of failure and security vulnerabilities
• Demonstrates extensive abilities and/or proven record of success with experience in modern cloud and product security tools and technologies
• Experience in Enterprise cloud strategy planning and transformation;
• Knowledge of cloud Account and Subscription Architecture, and Organizational Management;
• Extensive knowledge of cloud service management and adoption, and workload and data migration;
• Experience in cloud infrastructure and platform deployment (using Infrastructure-as-Code and Policy-as-Code);
• Experience in CI/CD pipeline management, testing orchestration, and monitoring;
• Experience in cloud DataOps, analytics, and advanced data science (artificial intelligence, machine learning, natural language processing);
• Knowledge of cloud configuration, posture Management, and rift Monitoring; and cloud logging and event monitoring

RESPONSIBILITIES:

• You'll play an integral role in ensuring all assets are protected by developing solutions focused on security, efficiently integrating and managing new or existing technology systems to deliver continuous operational improvements and increase their cybersecurity investment, and detect, respond, and remediate threats
• Perform Cloud Security Assessments of Cloud platforms/environments using industry-standard frameworks such as CIS, ISO, CSA-CSM, and NIST
• Implement of industry-leading practices around cyber risks and Cloud security
• Design and develop Cloud-specific security policies, standards, and procedures e.g. firewall management, SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption), user account management (SSO, SAML), and password/key management
• Document all technical issues, analysis, and resolution
• Demonstrate a deep understanding of testing methodologies, test automation, and software development principles
• Lead planning, estimation, and implementation of test automation frameworks and strategies
• In joining, you'll be a part of a team that values technical and business acumen and provides training and development to extend and develop your skills, while fostering a strong collaborative culture
• You'll have the opportunity to help organizations design and create sustainable security solutions at the enterprise scale, through a focused approach on enterprise requirements and prioritization, information technology security architecture, and the software development lifecycle
• Pursue opportunities to develop existing and new skills outside of your comfort zone
• Act to resolve issues that prevent effective team working, even during times of change and uncertainty
• Coach others and encourage them to take ownership of their development
• Analyze complex ideas or proposals and build a range of meaningful recommendations
• Use multiple sources of information including broader stakeholder views to develop solutions and recommendations
• Focus on building trusted relationships

TUSIMPLE BENEFITS

• 100% employer-paid healthcare premiums for you and your family
• Work visa sponsorship available
• Relocation assistance available
• Breakfast, lunch, and dinner served every day
• Full kitchens on every floor with unlimited snacks, drinks, special treats, fruits, meals, and more
• Stock options / equity
• Gym membership reimbursement
• Monthly team building budget
• Learning/education budget  
• Employer-paid life insurance
• Employer-paid long and short disability

TuSimple is an Equal Opportunity Employer. This company does not discriminate in employment and personnel practices on the basis of race, sex, age, handicap, religion, national origin or any other basis prohibited by applicable law. Hiring, transferring and promotion practices are performed without regard to the above-listed items.