Azure Information Security Principal Architect
The Information Security (IS) Principal Architect is a key leader in the Security Architecture team within the Chief information and Security (CISO) Office. The IS Principal Architect is a subject matter expert who, through independent project engagements and collaboration with business and technology partners, as well as third party vendors, designs, reviews, and helps develop the security architecture for the organization. In the security space, this includes, but is not limited to, critical cloud infrastructure components and capabilities such as Shared Responsibility Model, Identity and Access Management, Security Visibility tools such as Splunk, Datadog, Encryption Capabilities and tool sets such as Hashicorp Vault and CyberArk.
• This role is responsible for helping ensure that security is natively incorporated into the organization’s cloud operating environment and that these environments are sufficiently armored to defend against modern cyber threats. The IS Principal Architect maintains current knowledge of emerging cyber threats, new technologies, compliance requirements, and recommends cyber security enhancements and purchases that allow Citizens Bank to maintain healthy and functional systems.
• Architecture and development of automation and orchestration across cryptographic frameworks
• Collaborating with business and IT stakeholders to secure strong engagement for the solution and ensuring that the delivery of the Platform aligns to longer-term strategic roadmap
• Defining and communicating the technology direction by collaborating with IT and business stakeholders to establish and maintain Architecture Roadmaps. These define the target architecture direction and high-level roadmap for cryptographic platforms that will benefit multiple business divisions and organizations
• Leading efforts to prioritize, establish and maintain cryptographic Principals and design patterns to promote reuse, improve stability and improve security
• Partnering with technology leaders and subject matter experts in the security space to providing guidance during architecture design activities of new and existing capabilities.
• Conducting architectural risk and impact assessments of the IT Application environments.
• Researching and evaluating proposed business solutions for adherence to documented company standards, policies, and regulatory responsibilities.
• Working collaboratively with multidisciplinary teams and Business Units to implement and support existing and future solutions.
• Determining security requirements by evaluating business strategies and requirements, researching information security standards, conducting system security and vulnerability analyses and risk assessments, and identifying integration issues.
• Operating as a security subject matter expert with regards to strengths and weaknesses of the cloud environments and being able to recommend improvements to both software and hardware.
• Identifying security standards and formalizing security architecture design patterns to mitigate threats
• Assessing emerging technologies against security architecture to determine where they fill gaps, overlap with existing solutions, or extend capabilities.
• Location is not a barrier for this role and while our preference would be to have a chosen candidate with onsite capabilities in one of our corporate headquarters – we are open to remote employment within the United States for an experienced candidate.
Experience and Skills:
• 5 or more years in system, cloud, security administration, controls, or information management experience and/or Security Engineer/Architect/Consultant
• 5 or more years of security architecture experience in Microsoft Azure and/or Amazon AWS.
• Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments.
• Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.).
• Experience with service-oriented architecture for cloud-based services.
• Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies. Demonstrated ability to think strategically about business, product, and technical challenges.
• Experience with building and maintaining effective relationships with stakeholders, clients, peers, supervisors, subordinates, and other internal company staff
• Experience creating an enterprise architecture (application, data, and technical) that is aligned to business and IT imperatives.
• Familiarity with security industry standards (ISO 17799, ISO 27001/2, ISO 31000, NIST 800 series, etc.)
• Experience with internal controls, risk assessments, business process and internal IT control testing or operational auditing
• Experience in defining and implementing cloud security and solid understanding of best practices
• Influencing experience at senior levels within an organization
• Excellent verbal and written communication skills
• Industry experiences in financial services, high-tech, and /or healthcare preferred
Education and Certifications:
• Bachelor’s degree (Degree in Computer Science or Computer Engineering preferred)
• CISSP other relevant security certifications and knowledge of ISO and NIST security standards preferred
Let us help you find this person. Get in touch with our professional recruiters to help find the right person for this position. It costs you nothing unless you hire the person!
By providing my phone number to Harvard Partners, I agree and acknowledge that Harvard Partners may send text messages to my wireless phone number for any purpose. Message and data rates may apply. Message frequency will vary, and you will be able to Opt-out by replying “STOP”. For more information on how your data will be handled please read our Privacy Policy.