Senior Security Architect
Share
Job Location:
Monthly Salary:
Posted on:
30+ days ago
Vacancies:
1 Vacancy
Job Summary
Job Summary (Senior Security Architect) List Format
Purpose:
- Lead governance of application security architecture.
- Conduct threat modeling and control gap assessments.
- Oversee IT security reviews and ensure application compliance with security standards.
- Collaborate with development teams to integrate security into the SDLC.
- Support go-live approval processes ensuring security requirements are met.
Key Responsibilities:
- Design and review cybersecurity for systems and networks with multilevel security needs.
- Ensure acquired/developed systems align with organizational security architecture.
- Identify and address security gaps; develop security risk management plans.
- Provide security input for procurement and statements of work.
- Contribute to Risk Management Framework activities and documentation.
- Document impacts of new systems/interfaces on security posture.
- Evaluate and enhance security architecture/designs.
- Analyze user needs to inform architecture planning.
- Define and document required security controls for information systems/networks.
- Manage and improve application security frameworks.
- Implement tools and strategies for Application Security Program.
- Communicate with business lines and clients on complex security issues.
- Review and provide feedback on team documentation.
- Prepare management reports and activity updates.
- Develop and deliver services addressing risk and threats.
- Assess new technologies and information security management techniques.
- Ensure RTB (Run The Bank) and CTB (Change The Bank) activities are properly planned and executed coordinating with cross-functional teams.
Working Environment and Relationships:
- Collaborate with Technology Operations Business Technology Audit InfoSec International Banking etc.
- Work with cloud microservices open APIs blockchain enterprise infrastructure.
- Apply knowledge of security frameworks (NESA CIS NIST SOC2 ISO) and regulations (NY DFS FFIEC RBI HKMA etc.).
Problem Solving:
- Analyze complex security problems and develop/validate risk-based solutions.
- Perform root cause analysis and recommend remediation.
- Enable agile frameworks and proactive digital ecosystem management.
- Implement and manage changes for new/corrective solutions.
- Assess business impact of security issues.
Decision Making:
- Recommend and influence risk-based security solutions.
- Evaluate and validate proposed security technologies/solutions.
- Certify cloud and on-premise IT infrastructure security solutions.
- Prepare reference architectures for IT platforms.
- Coordinate PoCs and recommend cybersecurity solutions to management.
- Influence policy regulation and control decisions.
- Review and attest control designs.
- Conduct cost-benefit (ROI) analysis for risk/control decisions.
Skills and Experience:
- 14 years in security architecture including threat modeling and architecture review.
- Security certifications (CISSP CCSP ISSAP) preferred.
- Strong understanding of scalable highly available architectures.
- Experience with large complex transactional systems.
- 12 years of technology and people management experience.
- Familiarity with SDLC methodologies (Waterfall Agile CI/CD DevSecOps).
- Knowledge of application security vulnerabilities (OWASP Top 10).
- Proficiency in Windows & Linux administration.
---
Note: This list summarizes the key duties skills and requirements from the provided job description for a Senior Security Architect.
Purpose:
- Lead governance of application security architecture.
- Conduct threat modeling and control gap assessments.
- Oversee IT security reviews and ensure application compliance with security standards.
- Collaborate with development teams to integrate security into the SDLC.
- Support go-live approval processes ensuring security requirements are met.
Key Responsibilities:
- Design and review cybersecurity for systems and networks with multilevel security needs.
- Ensure acquired/developed systems align with organizational security architecture.
- Identify and address security gaps; develop security risk management plans.
- Provide security input for procurement and statements of work.
- Contribute to Risk Management Framework activities and documentation.
- Document impacts of new systems/interfaces on security posture.
- Evaluate and enhance security architecture/designs.
- Analyze user needs to inform architecture planning.
- Define and document required security controls for information systems/networks.
- Manage and improve application security frameworks.
- Implement tools and strategies for Application Security Program.
- Communicate with business lines and clients on complex security issues.
- Review and provide feedback on team documentation.
- Prepare management reports and activity updates.
- Develop and deliver services addressing risk and threats.
- Assess new technologies and information security management techniques.
- Ensure RTB (Run The Bank) and CTB (Change The Bank) activities are properly planned and executed coordinating with cross-functional teams.
Working Environment and Relationships:
- Collaborate with Technology Operations Business Technology Audit InfoSec International Banking etc.
- Work with cloud microservices open APIs blockchain enterprise infrastructure.
- Apply knowledge of security frameworks (NESA CIS NIST SOC2 ISO) and regulations (NY DFS FFIEC RBI HKMA etc.).
Problem Solving:
- Analyze complex security problems and develop/validate risk-based solutions.
- Perform root cause analysis and recommend remediation.
- Enable agile frameworks and proactive digital ecosystem management.
- Implement and manage changes for new/corrective solutions.
- Assess business impact of security issues.
Decision Making:
- Recommend and influence risk-based security solutions.
- Evaluate and validate proposed security technologies/solutions.
- Certify cloud and on-premise IT infrastructure security solutions.
- Prepare reference architectures for IT platforms.
- Coordinate PoCs and recommend cybersecurity solutions to management.
- Influence policy regulation and control decisions.
- Review and attest control designs.
- Conduct cost-benefit (ROI) analysis for risk/control decisions.
Skills and Experience:
- 14 years in security architecture including threat modeling and architecture review.
- Security certifications (CISSP CCSP ISSAP) preferred.
- Strong understanding of scalable highly available architectures.
- Experience with large complex transactional systems.
- 12 years of technology and people management experience.
- Familiarity with SDLC methodologies (Waterfall Agile CI/CD DevSecOps).
- Knowledge of application security vulnerabilities (OWASP Top 10).
- Proficiency in Windows & Linux administration.
---
Note: This list summarizes the key duties skills and requirements from the provided job description for a Senior Security Architect.
Key Skills
- Apache Hive
- S3
- Redshift
- Spark
- AWS
- Solr
- NoSQL
- Data Warehouse
- Internet Of Things
- Kafka
- DynamoDB
- ZooKeeper
