Job Description :
POSITION: Security Architecture Manager (Cloud Standards)
REPORTS TO: Director, Information Security
LOCATION: Dallas TX, New York, NY, or Winston-Salem, NC

Position Summary:
Information Security (IS) group is looking for a Security Architecture Manager as a direct report to the Director of Information Security. In this role, the candidate will provide technical leadership, subject matter expertise and direction on complex projects/initiatives for their assigned area(s) of responsibility. This position will function as a technology leader in the architecture design, planning, and delivery of enterprise-class security systems both on premise and in the cloud.

We are seeking strong, self-motivated candidates with a proven track record of understanding security controls, and working across an organization to implement and validate controls.

Qualifications Required:
Five or more years’ experience in:
Designing and implementing cloud security solutions
Providing consulting to business partners to influence security best practices and establish solid security principles across the organization
Meeting business goals along with customer and/or regulatory security-related requirements
Strong understanding of security principles for cloud and on premise systems in at least one of the following: network/infrastructure, mainframe, servers, mobile, system configuration
Experience with automation, orchestration and Infrastructure as code using tools like Puppet, AWS CloudFormation, and Terraform
Knowledge of securing development pipelines such as automated code scanning tools and API management
Experience with securing containers including container management solutions such as Kubernetes, and OpenShift
Experience with managing enterprise grade cloud security solutions such as Cloud Access Security Brokers (CASB)
Knowledge of security defenses against data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and Denial of Service attacks
Ability to provide direction and guidance at all levels of the organization on architectural use cases and requirements
Ability to contextualize security issues and business risks both verbally and in writing
Bachelor''s degree in engineering, computer science, or a related field with a minimum of 8 years of experience in technical roles
Strong analytical and problem solving skills
Strong communication skills and business acumen
Knowledge of Security and Industry frameworks such as ISO27001/02, NIST 800-53, SANS Top 20 Critical Security Controls, COBIT, PCI-DSS, and NIST Cybersecurity Framework
A combination of relevant industry certifications related to Information Security (e.g. CISSP, CISM), Architecture (e.g. TOGAF, AWS Certified Solutions Architect), and Cloud (e.g. AWS, Google, and Azure including Microsoft 365)

Essential Functions and Responsibilities:
Architect, design, and oversee enterprise-class security systems in public clouds such as Amazon Web Services (AWS), and Microsoft Azure
Ensure organizational alignment with the cloud security strategy including integration with tools such as Cloud Access Security Broker (CASB)
Coordinate security activities within IS and across the organization such as the Architecture Review Board (ARB), and the Cloud Center of Excellence (CCOE)
Design and document security architecture requirements and building blocks to mitigate threats and risks
Collaborate with the development and project teams to ensure cloud security standards, patterns, and best practices are followed
Maintaining security architecture documentation and diagrams
Gain organizational commitment for security solutions and plans, as well as evaluate and select technologies required to complete those plans
Partner with the IS leadership team, and other teams and individuals across the company to advance security standards and guidelines
Provide regular updates to stakeholders on any assigned findings, and remediation plans related to cloud security
Understand regulations and governmental initiatives impacting our technology, our environment and systems to ensure security gaps are addressed
Lead through influence, effective communication and demonstrated understanding of business and technical requirements
Stay up-to-date with current and emerging cloud security topics
Continue self-development of knowledge, skills and abilities to better support execution of the Information Security (IS) function
Excel as a ‘manager of one’ by defining and executing on goals and tasks that are aligned with organizational objectives
Other Information Security-related tasks as assigned

Client : Financial