Share
Regular or Temporary:
English (Required)
1st shift (United States of America)This is a strategic target and solutions cloud architecture role that will derive security specifications from business requirements, and design security solutions that support core organizational functions, and assure their confidentiality, integrity and high availability.The Cloud Cybersecurity Solution Principal Architect works to gain organizational commitment for cloud security, which includes, but not limit to infrastructure, digital application integration, migration and software plans, as well as assist to evaluate and select cloud security technologies required to complete those plans.You will provide integrated cloud security related technical expertise across the organization, from conceptualization and project planning to the post-implementation support level. Principally works, under limited supervision, with Corporate Information Security (CIS) personnel, Line of Business (LOB) personnel, external vendors, and internal IT Services personnel including Enterprise Architects, Application & Data Services personnel and other IT Operations Services teams.You will develop security specifications, requirements and architecture artifacts in compliance with corporate standards, laws and regulations for architecture adherence and performance guidelines.
Specific solution expertise is desired in the following areas:
Digital Commerce, Digital Banking and Financial Systems application architecture
Large data management architecture and integrations
Attack protection and mitigation technologies – DDoS, WAF, Bot, etc.
AWS Cloud - application migration, fit for purpose, etc.
Multifactor authentication, Risk Based Authentication
oAuth flows and implementations, JWE token specifications
Application authentication, authorization and entitlement models and implementations
Application Security – OWASP control and evaluation criteria
Detailed understanding of industry standards such as PCI, FFICE, CSA, etc.
Intelligent Robotic Process Automation
Cryptographic technology – Transit encryption, storage encryption, Hash, KMS, Digital Signature, etc.
Federated Identity Management / Identity Providers / Single Sign On (SSO)
Client authentication approaches for “anti-bot” technologies, signaling, and fraud prevention.
Ideal candidate will also have experience in the following areas –
Containerization, Micro-services, API, CI/CD
Client facing digital application architecture and implementations
Content Delivery technologies
CRM Technology – Eloqua, Oracle, Acoustic
Adobe Experience Platform
Mobile Application Development
Fintech integration
Duties include:
Architecting effective and efficient fit for purpose solutions that meet the Bank’s needs and requirements.
Applies in-depth and specialized expertise in Digital Banking and Client Experiences technologies and significant breadth of experience across cyber / information security.
Serve as Cyber Security and Cloud Security Subject Matter Expert participating in segment solution review processes.
May be called upon to contribute to refinement of scope and business cases.
May be called upon to contribute to Cloud target architecture and patterns.
Proactively Participates in the gathering and development of requirements by coaching stakeholders and decomposing business requirements into technical and system requirements.
Interrupt requirements to determine the best solutions and approaches.
Creates architectures and operational documentation with support of engineering and operations staff.
Proactively engage, Advise, consult, lead, guide and mentor project teams, engineers, analysts, and support staff in the delivery of solutions both On-prem and in the Cloud.
Participate in agile planning processes and delivery methodologies.
Build relationships with internal clients and teams.
Required Qualifications:
The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Bachelor’s degree in Business, Management, MIS-related field, or equivalent education and related training.
Twelve years of progressively responsible leadership experience in Information/Cyber Security
Comprehensive experience in network security architecture, including design tools, methods, and techniques and the application of Defense-in-Depth principles; knowledge of network design processes, including understanding of security objectives, operational objectives and tradeoffs
Thorough knowledge of The Open Group Architecture Framework (TOGAF), including infrastructure, data, information security, applications, architectural concepts, and associated disciplines
Knowledge of:
Mainframe security, including access control, monitoring, integration with non-mainframe technologies, and virtualization.
Authentication and authorization technologies including remote access.
Application security and the security development lifecycle and ability to apply to client-server and web-based application development environments.
Enterprise databases and database security, including database activity monitoring and database access control technologies.
Encryption methods and technologies for data-in-transit and data-at-rest scenarios.
Incident response processes.
Denial of Service prevention mechanisms.
Firewall technologies and intrusion prevention methods.
Cloud technologies and hosting.
Operating system hardening.
Virtualization technologies.
Mobile technologies.
Encryption and key management technologies.
Endpoint Protection (includes malware);
Data Loss Protection technologies
Experience with peripheral component interconnect and other security audit processes, evidence gathering, and development/management of remediation plans used in resolution of finding
Preferred Qualifications:
Certification: CISSP, ISSAP, CCSP, AWS/Azure/GCP certification, SANS or TOGAF certifications
Experience with Agile Scrum (Daily Standup, Sprint Planning and Sprint Retrospective meetings)
Mergers and acquisitions experience.
Consulting or professional services backgrounds are a plus.
Financial services industry experience is a major plus.
Masters degree in: Computer Science, Information Systems, Security, or other closely related field.
Visual / Audio / Speaking
Able to access and interpret client information received from the computer and able to hear and speak with individuals in person and on the phone.
Manual Dexterity / Keyboarding
Able to work standard office equipment, including PC keyboard and mouse, copy/fax machines, and printers.
Able to work all hours scheduled, including overtime as directed by manager/supervisor and required by business need
These jobs might be a good fit