Vacancy expired!
Your Opportunity
This role can be telecommuteThe Security Design & Innovation team handles the Firm's security strategy and domain security architecture vision and development. We drive and synchronize security strategies aligned with technology and business priorities along with validating future directions through security research and innovation. In this role the Principal Architect will have responsibility for identifying, assessing, developing, and researching security innovation strategies across a broad portfolio of cyber security and related technology systems. As a senior member of the team you will engage and partner with senior leaders across the organization leveraging your extensive background in security domains combined with expertise in organizational and cross-functional communication to develop security research & innovation framework, build a security innovation pipeline, influence roadmaps, champion strategic opportunities /execution plans with the aim to improve security capabilities, reduce risk and position forward looking platform security enhancements What you are good at- Responsible for defining a security innovation vision, and framework to help inform the security organization on new industry trends and security solutions that solve complex problems and align with the enterprise architecture strategy, technology and platform choices
- Develop security product innovation strategy that delivers value to customers and drives business growth
- Investigate cutting-edge security capabilities and tools to help shape the architecture, requirements and overall design of the security products
- Execute cybersecurity strategic goals and collaborate on initiatives with developers, product managers, and quality assurance engineers to translate business objectives into user stories and development efforts
- Draft actionable security innovation user stories with clear acceptance criteria
- Lead stakeholders through story grooming, decomposition, and development estimation
- Identify emerging security capabilities, conduct proof of concepts based on acceptance requirements and test use cases of new and existing features
- Prioritize new security features to maximize business value and set specific release timeline, manage product backlog, story refinement meetings
- Describes the solution intent and the associated operating environment, determining the primary systems/subsystems and their interfaces, defining non-functional requirements and architectural runway to support new epics/features and expand into new opportunities
- Ensures the solution is fit for purpose and use by working with stakeholders, vendors/service providers, and evaluating the impact of strategic design decisions
- Contributes in the creation of the architecture roadmap of defined domains (Business, Application, Data and Technology) in support of the product roadmap
- Contributes to the development of best practices including standardized templates
- Works across business and technology to create the solution intent and architectural vision for large complex solutions and evolves it based on an emerging backlog
- Ability to build relationships with internal and external customers to determine requirements and assess business priorities
- Attention to detail and ability to drive product strategy that maximizes how the emerging trends will be applied to meet business objectives
- Ability to effectively manage trade-offs between cost/schedule versus business benefit
- Exhibit strong user and stakeholder focus, excellent problem solving and analytical skills
- Succeeds in team environments, experience working in fast-paced, cyber environment
- Ability to work with cross functional teams to drive the implementation of new features as well as resolve operational issues
- Experience designing and implementing security services and tools applied to Google Cloud Platform, Azure and AWS
- Experience with exploring security capabilities that are based on artificial intelligence and learning models.
- Demonstrates flexibility within a variety of changing situations, while working with individuals and groups.
- 4-year college/university degree required
- Minimum 10 + years of experience building and managing security infrastructure and solutions in the financial industries
- Strong ability to effectively communicate with and present to the senior leadership team
- Experience with assessment, development, implementation, integration, optimization, and documentation of a comprehensive and broad set of security technologies and processes in on premise, public and private cloud environments
- Experience with Hybrid cloud architectures and designs
- Must have experience with Internet Application Hosting architectures, best practices and related technologies to effectively protect externally facing applications
- Experience with DevSecOps process, Container technologies (Docker, Kubernetes), API Gateways, and other common web application technologies is preferred
- Strong knowledge of enterprise security concepts/frameworks and products, secure design principles and best practices
- NIST 800-53, CIS Benchmarks, ISO 27000 series, COBIT, etc.
- Good written and verbal communication skills a must.
- Must be able to design and create technical solution/process documentation quickly and succinctly
- Must be a self-starter, strong leader who is able to manage, develop and nurture a team of senior engineers and architects; work with limited supervision & be able to work well with others in a globally diverse IT environment
- Understanding of cryptography as it relates to application, network and cloud security
- CISSP, CCSP, TOGAF certification preferred. Other Information Security oriented certifications a plus