Principal, Cyber Security Cloud Architect

25 Nov 2024

Vacancy expired!

Overview

BNY Mellon's Data and Analytics Solutions further extend Asset Servicing capabilities in securities and cash into the world's most important "asset class," data. As a software and content business, inclusive of Eagle Investment Systems' data management, accounting, and performance platform and Intermediary Analytics' sales and distribution data, the offering also includes a suite of new cloud-based products. An ecosystem of proprietary and third-party business applications is available to help firms manage their core investment process and beyond.

  • Team member contributing to the management of a full-scope Security Engineering service (infrastructure and application architecture reviews, common control design/implementation/testing, document generation of system security plans, communicating architecture and platform risk, advising on vulnerability impact with regard to remediation and/or, where necessary, implementing hotfixes/workarounds).
  • Collaborating on initial ideal concept POCs with product owners, developers, and technical operation teams within both the Product Development Lifecycle (PDLC) and Software Development Lifecycle (SDLC), and formulating initial threat models for consumption and ownership by Product owners.
  • Continuous improvement and service delivery of the Security Architecture and Engineering program, aligning staff, tools, and processes to key security metrics and controls within the PDLC/SDLC enabling timely and secure Product feature releases.
  • Provide Security Architecture and Engineering guidance and oversight across Product Management, Research & Development, and Operations teams to influence the design and implementation of upcoming products and services with a mindset of "Security by Default".
  • Consulting product teams on how to architect and implement secure solutions and ensuring SOC2 audit compliance.
  • Responsible for overall Security Architecture and Engineering assessments and posture through security design, threat modeling, owning and implementing common architecture controls throughout the product portfolio and platforms.
  • Design and deploy state-of-the-art technology to meet the business needs and interface with business units regarding technical planning and security architecture/engineering topics.
  • Perform proof-of-concept and proof-of-technology testing for integrating new 3rd party security products into the development and deployment processes.
  • Perform validation of security controls to ensure adherence to compliance and industry best practices.
  • Perform hands-on security design, implementation, and testing of products and services to proactively Client risk and track them to resolution.
  • Design and assess SaaS and PaaS cloud services and virtualization technologies within Public Cloud Service Provider (CSP) offerings.
  • Using a risk-based approach, advocate for and help prioritize remediation of security findings, and develop/report metrics measuring the state of the application security program.
  • Develops and implements global security architecture solutions using formal risk management methodologies. Develops information security architecture to enforce security requirements and address identified risks. Works with other IT staff to ensure design achieves both business and technical requirements. Evaluates vendor products for security capabilities. Remains current on IT Security/Architecture trends. Contributes to the achievement of multiple teams' objectives.
  • Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred
  • 10-12 years of experience in information security or related technology experience required
  • Experience in the securities or financial services industry is a plus
  • 5+ years previous experience in information security architecture and engineering domains (e.g., design/implementation reviews, threat modeling)
  • 5+ years experience working within enterprise class application architectures that are highly scalable and reliable and the ability to secure them
  • 3+ years experience with DevSecOps tooling
  • 1+ years experience with Public Cloud (e.g., Azure, AWS, and Google Cloud Platform) technologies (e.g., Kubernetes, containers, databases as a service)
  • 1+ years experience with securing containers, hosts, databases, and application solutions for multi-tier and microservice systems.
  • Strong knowledge of building security into continuous integration and delivery (CI/CD) pipelines.
  • Ability to understand business requirements and apply security without adversely affecting the desired functionality
  • High level of personal integrity, with the ability to professionally handle confidential matters and reflect an appropriate level of judgment as it pertains to security.
  • Relevant security certifications a plus (such as: CISSP, CISM, GPEN, GCIH)