Due to continued success, our client in the Financial Services sector are seeking a Security Solutions Architect. In a highly visible role, you will provide technical and architectural leadership on large and highly complex security projects.
The Security Solution Architect (SSA) defines and assesses the organization's security strategy, architecture, and practice outcomes. Aligns to business and technology business units to effectively translate business objectives and risk management requirements into security processes enabled by security technologies and services. Works under the guidance of the Principal Security Architect in getting necessary approvals from the Architecture Review Board.
What You'll Do In This Role
- Governance and Strategic Leadership:
- Provides architectural vision to align Information Security outcomes to strategic business needs and goals.
- Contributes to and participates in the Architecture Review Board and Architect community activities to ensure the design and implementation of sound solutions.
- Contributes to the strategic roadmap and technical direction of business and IT.
- Contributes to developing security procedures and standards to be reviewed and approved by the Chief Information Security Officer (CISO).
- Tracks developments and changes in the digital business and threat environments to ensure these are adequately addressed in security strategy plans and architecture artifacts.
- Develops and maintains security architecture artifacts (models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.
- Security Configuration and Infrastructure Management:
- Works with IT Solution Architects to ensure security is baked into all solutions and that regular cadence is established for maintaining a secure baseline.
- Develops baseline security configuration standards for operating systems (e.g., operating system hardening), network segmentation, and identity and access management (IAM).
- Validates IT infrastructure and other reference architectures for security best practices and recommends changes to enhance security and reduce risk where applicable.
- Validates security configurations and access to security infrastructure tools, including firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), anti-malware/endpoint protection systems, etc.
- Security Assessment and Risk Management:
- Conducts or facilitates threat modeling of services and applications to assess the associated risk and data.
- Ensures that a complete, accurate, and valid inventory of all systems, infrastructure, and applications is conducted and reconciled with the security information and event management (SIEM) or log management tool.
- Data Security and Privacy:
- Coordinates with the compliance and privacy officers to understand sensitive data within the organization (e.g., PII or ePHI) and recommends controls to ensure this data is adequately protected.
- Reviews network topology to ensure the least privilege for network access.
- Collaboration and Best Practices:
- Liaises with other architects and security practitioners to share best practices and insights.
- Security Tools and Operational Support:
- Tracks, documents, and communicates security-related activities (models, templates, standards, and procedures) that leverage security capabilities in projects and operations.
- May be asked to work with peers to troubleshoot and remediate any systems impacted by security breaches.
- Organization:
Discipline-specific Qualifications:
- Proficient in consultative and collaborative methods, ensuring security strategies align with business objectives, guiding security teams, effectively communicating technical concepts, and resolving complex security challenges.
- Skilled in overseeing security initiatives, upholding integrity in managing sensitive data, and exemplifying leadership by enforcing security policies.
- Preferred experience securing web development languages and frameworks, such as JavaScript, Spring, Angular, Python, Java, C#, .NET, and more.
- Well-versed in securing platforms such as Kubernetes, Confluent Kafka, ActiveMQ, Azure Service Bus, Amazon SQS, API gateways, etc.
- Thorough understanding of various database security technologies supporting MongoDB, Oracle, MS SQL, etc.
- Capable of working in high-performance development teams using agile methodologies alongside modern DevSecOps practices.
- Sound knowledge of enterprise and back-office systems such as CRM, HR, Microsoft 365, and other financial services systems
General Qualifications
- Security Certifications (CISSP, CCSP, GWEB, GSEC, or CCSK) preferred
- Experience in using architecture methodologies such as SABSA, Zachman, and TOGAF
- At least ten years of experience in Information Technology with a security focus
- Minimum of two years of experience in a Security Architect or Engineer role
- Extensive experience in Information Security, compliance, assurance, or other security standard methodologies and principles
- Documented experience and a solid working knowledge of the methods to conduct threat-modeling exercises on new applications and services
- Experience applying cybersecurity and privacy principles and organizational requirements
- Experience with developing specific cybersecurity countermeasures and risk mitigation strategies for systems or applications
- Experience in identifying, assessing, and recommending cybersecurity or cybersecurity-enabled products for use within a system and ensuring that recommended products follow the organization's evaluation and validation requirements
- Ability to effectively operate in support of a complex ecosystem of technology platforms managed by internal resources and vendor partner.