Security Architect

Job Description The Security Architect must gain understanding of the organization’s technology and information systems, and define the architectural description, embed security-by-design requirements and controls to the IT infrastructure, software, processes and operations.Roles and ResponsibilitiesPlan, research, and design flexible and robust security architectures for all bank projects and initiatives, detailing security controls and protection mechanisms.Partner with Solutions Architects, domain architects, business, and product teams to integrate security seamlessly into solution designs.Perform security design reviews, lead threat modeling exercises, identify security architecture gaps, and develop actionable security risk management plans.Continuously review current system security across IT infrastructure, networks, APIs, and software applications, recommending and implementing strategic enhancements.Conduct thorough technical design studies, reviews, and evaluations of applications prior to deployment to ensure security requirements are met.Evaluate security architecture and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents.Research on the latest security standards and ensures that acquired or developed systems and architecture are consistent with cybersecurity architecture standardsPerform other duties that are required of and related to the core functions of a Security Architect.QualificationsGraduate of a bachelor’s degreeExperience in a wide range of security technologies, cloud platforms, API, and DevSecOpsDemonstrated experience (at least 2-5 years) in security design and architecting, security engineering, with strong background (and proven record) in designing, implementing, and integrating security solutions and technologies. With a minimum of 2-3years in a leadership or senior role.Proficient in security and network infrastructure, design and operations, software development security practices (i.e., OWASP), API-design, microservices, vulnerability management, penetration testing, and threat modelingProficient in full lifecycle secure system development, from concept to implementation and supportPreferred certifications: CISSP, CISM, CCSP, Cloud-related certifications, and other IT and risk related certificationsProficient in information security, cybersecurity and data privacy principles and standards (NIST, CIS Controls, ISO 27001:2013, PCI DSS v. 3.2, and similar standards)Strong leadership and ability to motivate a team and work independently with peers across various levels of management, and multiple priorities in a fast-paced and dynamic environment.Analytical/Critical thinking and problem-solving skills with strong attention to accuracy and detailEffective written and oral communication skills for engaging with senior stakeholders and cross-functional teams