Security Architecture Manager
|Position:||Security Architecture Manager|
|Reports To:||Director, Information Security|
|Location:||Winston-Salem, NC or New York, NY|
Information Security (IS) group is looking for a Security Architecture Manager as a direct report to the Director of Enterprise Security Architecture. In this role, the candidate will provide technical leadership, subject matter expertise and direction on complex projects/initiatives for their assigned area(s) of responsibility. This position will function as a technology leader in the architecture design, planning, and delivery of enterprise-class security systems both on premises and in the cloud.
We are seeking strong, self-motivated candidates with a proven track record of understanding security controls and working across an organization to implement and validate controls.
- Five or more years’ experience in:
- Designing, implementing, and delivering security solutions preferably within the Financial Services Industry
- Providing consulting to business partners to influence security best practices and establish solid security principles across the organization
- Meeting business goals along with customer and/or regulatory security-related requirements
- Strong understanding of security principles for at least two of the following: cloud, network/infrastructure, mainframe, servers, mobile, system configuration
- Experience securing enterprise technology solutions such as Microsoft 365, Virtual Desktop Infrastructure (VDI), Mainframe/Legacy systems, Cloud Access
- Security Brokers (CASB), Software Defined Networking, and Containerization
- Knowledge of security defenses against data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and Denial of Service attacks
- Ability to provide direction and guidance at all levels of the organization on architectural use cases and requirements
- Ability to contextualize security issues and business risks both verbally and in writing
- Bachelor's degree in engineering, computer science, or a related field with a minimum of 8 years of experience in technical roles
- Strong analytical and problem solving skills
- Strong communication skills and business acumen
- Knowledge of Security and Industry frameworks such as ISO27001/02, NIST 800-53, SANS Top 20 Critical Security Controls, COBIT, PCI-DSS, and NIST Cybersecurity Framework is highly desirable.
- Relevant industry certification related to Information Security (e.g. CISSP, CISM), Architecture (e.g. TOGAF, AWS Certified Solutions Architect), or Cloud (e.g. AWS, Google, and Azure including Microsoft 365) is desired.
Essential Functions and Responsibilities:
- Design, build and implement enterprise-class security systems
- Align security with industry standards and frameworks, and overall business and technology direction
- Design security architecture building blocks to mitigate threats and risks
- Develop solutions that balance business requirements with information and cyber security objectives
- Define, communicate and validate security requirements to guide projects/initiatives to secure solutions
- Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
- Stay up-to-date with current and emerging security threats
- Gain organizational commitment for security solutions and plans, as well as evaluate and select technologies required to complete those plans
- Partner with IS leadership and other teams and individuals across the company to advance security standards and guidelines
- Understand regulations and governmental initiatives impacting TCH, our technology, our environment and systems to ensure security gaps are addressed
- Lead through influence, effective communication and demonstrated understanding of business and technical requirements
- Continue self-development of knowledge, skills and abilities to better support execution of the Information Security (IS) function
- Other Information Security-related tasks as assigned
Physical Demands and Work Environment:
- Work is generally sedentary in nature, but may require standing and walking. The working environment is generally favorable. Lighting and temperature are adequate, and there are no hazardous or unpleasant conditions caused by noise, dust, etc. Work is generally performed within an office environment, with standard office equipment available.
- A letter of interest describing your experience and interest in the position
- Your resume
- Names and contact information of three references, or three letters of reference
* Please submit a single application per position.