Tier 1 Investment Bank
Hiring SVP & VP level Security Solutions Architect
Location: Hybrid (1-2 days on-site) in Irving, TX or Jacksonville, FL
Key Technicals: Application Security, Infrastructure Architecture, DevOps, DevSecOps, IAM, Cloud Security, etc.
Responsibilities:
- Experience with engineering secure application systems, application security architecture, version control, automated code testing, database, data de-identification / tokenization, cloud containerization, APIs, application threat modeling, encryption, secure application development, application controls, open-source software, and best practices for application security
- Leveraging key technologies and best practices, works collaboratively with our IT Security and IT Solution Delivery teams to integrate identity management solutions into development life cycle
- Must be able to closely partner with peers in the engineering, infrastructure and dev-ops organizations to ensure security compliance with a 'shift left' mindset
- Provide the subject matter expertise and advocate for the security controls needed for designing and enhancing application systems
- Evaluate and recommend new products and technologies to address current and emerging IS risks affecting supported business (es).
- Provide guidance using expertise in technology platforms (Oracle, UNIX, etc.) and secure technology solutions (email encryption, access management tools, etc.).
- Collaborate with domain architects, project managers, and ISOs to provide technical IS expertise when needed.
- Lead information security assessments on cloud computing technologies; partnering with business and technology on migrating systems to cloud providers such as Amazon Web Services (AWS), Google Cloud, and RedHat Open Shift.
- Experience with Lean, Agile, and DevOps methodologies
- Experience with DevOps CI/CD tools, capabilities, and security integrations
Qualifications:
- 6-10 years of relevant experience in an Apps Development role with at least 5 or more years of experience in Information Security Management, Identity Access Management with focus on application and platform security.
- Understanding of identity lifecycle management solutions Experienced IAM and related technologies, including Active Directory, Directory Services, Single Sign-On, LDAP, PKI, Cloud Directory Services, Authorization and Authentication Technologies (SAML, Open ID Connect, or OAuth), Access Provisioning, Privileged Access Management.
- Privilege accounts lifecycle management solutions including managed services and implementation knowledge of products (such as BeyondTrust, CyberArk, Centrify)
- Working knowledge and experience with multiple security domains (e.g., application security, vulnerability reduction, data protection, encryption, logging and monitoring, network security)
- Experience working with modern development practices (e.g. micro services, containers, orchestration, continuous integration & delivery pipelines)
- Experience working in regulated industries leveraging information security management frameworks and industry recognized best practice / standards (e.g. NIST, ISO, PCI, SOC)
- Strong written and verbal communication skills in order to effectively community technology risk to business and other stakeholders.
- Strong problem solving, analytical skills in order to drive continuous improvement.
Education:
- Bachelor's/University degree, Master's degree preferred
- Certifications a plus, i.e., CISSP, CCSP, CRISC, CISA
