- Implement the Firm's Cybersecurity Strategy by architecting, engineering, deploying, and operating technical security controls as they related to virtual machines, storage, key vault, database services infrastructures in the Cloud.
- Engineer and operate solutions that protect Cloud resources from malicious internal and external threats by providing additional preventative, detective and hardening controls and by enabling Real Time endpoint detection and response capabilities.
- You will have strong Cloud Infrastructure/Security knowledge and experience working in enterprise on-prem and Cloud environments.
- You will research, architect, engineer and deploy SAST, DAST, SCA tools and Container based security controls.
- You will automate security hardening tasks in Cloud to ensure gaps are identified and addressed quickly with our standards.
- Performs as the Subject Matter expert focused on multiple technologies within the Security domains (Security Engineering, IAM, Cloud Security, Data Security, Network Security, Encryption, Privileged Access Management, Federation etc.).
- Establishes a strategic security architecture vision, including standards and frameworks for medium to large enterprises.
- Develops and maintains log analysis solutions, including data collection and aggregations, data normalization, and reporting.
- Review and analysis of security logs from a wide variety of sources.
- Coordinate and perform security audits and vulnerability assessments to assess internal security procedures and compliance requirements.
- Work with relevant internal IT Application, Infrastructure, Network and Support teams to ensure that security controls are implemented at all significant layers, test those controls and perform gap analysis to find areas of improvement.
- Strong understanding and hands on implementation experience with SANS/CIS Top 20, NIST CSF, 800-53, ISO27001 and FFIEC CAT controls.
- Strong Incident Response skillset using MITRE ATT&CK and Cyber Kill Chain frameworks. Being able to conduct threat modeling in order to determine major threats facing the firm.
- Good understanding of Zero Trust principles.
- Perform testing to evaluate new products for network and system security controls.
- Supporting offensive architecture analysis and design of defense-in-depth solutions
- Participate in the development of the security roadmap and communicate the Technology Security vision to senior management and technical departments.
- Coordinates with project team the implementation, upgrade and maintenance of security solutions.
- Creates, maintains, and executes required test case scenarios and use cases to verify requirements
- Mentor junior team members and inspire them to take on challenging tasks within the department.
- Monitors data quality and assists in the collection of data for Risk Management and internal auditors.
- 7+ Years of hands-on security architecture, implementation and design experience required, designing globally scalable Cloud security solutions.
- Strong *nix security engineering background required.
- Strong knowledge of Automation using Terraform. Ansible a plus
- 3+ years of experience with Azure, AWS Docker/EKS and container solutions required.
- Good understanding of DevSecOps concepts highly desired.
- Experience working with CI/CD pipelines and IaC highly desired
- Scripting experience in Terraform, bash, python, perl or any other scripting language required.
- Strong understanding of DNS concepts and DNS management using commercial tools
- Cloud Security and hands on knowledge with Azure and/or AWS is highly desired.
- 3+ years' experience delivering large and complex programs - where you own the business or technical vision, collaborate with large cross-functional teams, secure commitments on deliverables and unblock teams to land business impact
- Experience in building systems and solutions within a highly regulated environment
- Strong knowledge of enterprise Information Security pillars (Perimeter security, Identity Management and Governance, Privileged Account Management, Compliance, Penetration testing, Encryption, Cloud Security, Incident Response, Vulnerability Management)
- Understanding of OWASP Top 10 highly desired.
- Good understanding of Zero Trust principles highly desired.
- Excellent communication skills, writing skills, and the ability to work with internal teams.
- Be a performance-driven team player with an excellent attitude.
- Performing gap analysis within different environments coupled with an in depth understanding of regulatory guidelines as well as standards and best practices related to CIS Top 20, ISO and NIST CSF frameworks.
- Ability to communicate information security concepts across a broad range of technical & non-technical staff.
- Bachelor's degree in information security, Compute Science or related field Required
- One of the following certifications is required - CISSP, CEH, Azure Cloud security, AWS, GCP or equivalent Cloud certification.
-
Mainframe Security Architect
1 week ago
Deutsche Telekom AG New York, United StatesAufgabe · Als · Mainframe Security Architect (m/w/d ) sind Sie maßgeblich daran beteiligt, die Mainframe-Technologie mit dem Fokus auf Sicherheit weiterzuentwickeln und sicherzustellen, dass unsere Kunden von einer reibungslosen Mainframe-Systemleistung profitieren. · Zu Ihren ...
-
IT Security Architect
3 days ago
CLS Group New Jersey, United StatesIT Security Architect · Hybrid - 2 days onsite Iselin, NJ · Job Purpose · We are looking for a highly motivated IT Security Architect who is able to operate with a high level of autonomy to conduct the required architectural analysis and design in line with the enterprise securit ...
-
Security Architect
1 day ago
GuidePoint Security New York, United StatesGuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation' ...
-
Security Architect
2 days ago
Cognizant Technology Solutions New York, United StatesJob Description · Security Architect – IAM · Location : NYC ( ONSITE ) · Roles and responsibilities :- · 10+ years of experience in Identity & Access Management · Strong experience in Microsoft Entra ID Administration with users, groups and roles management etc. · Strong experie ...
-
Security Architect
1 week ago
S&P Global New York, United States Full timeAbout the Role · : Grade Level (for internal use): · 13 Product engagementIdentify and prioritize critical business functions in collaboration with organizational with business units to understand their security requirements and align security capabilities accordingly.Determin ...
-
Senior Security Architect
3 days ago
COGENT Infotech New York, United StatesCogent Infotech is seeking a senior security architect on behalf of our client, an innovative technology company in NYC. This is a 1-year contract that can be extended for multiple years or be converted into a permanent position. This position requires the successful candidate to ...
-
Security Engineer/Architect
1 week ago
RightTalents LLC New York, United StatesTitle: Security Engineer/Architect · Location: Brooklyn, NY (Onsite) · Duration: 12 Months · SCOPE OF SERVICES Firewalls and Network – Next-Gen Firewall, Routing and Defensive Security, · DNS, DDOS: design, implementation, and configuration · MANDATORY SKILLS/EXPERIENCE · Minimu ...
-
M365 Security Architect
1 week ago
Motion Recruitment New York, United StatesM365 Security Architect · New York, NY · **100% Remote** · Contract · $70/hr - $80/hr · A leader in the educational resources space is looking to onboard a M365 Security Architect This is a great contract opportunity for those with expertise safeguarding Microsoft software and se ...
-
Cloud Security Architect
4 days ago
Sumitomo Mitsui Financial Group, Inc. New York, United StatesSMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more than 130 offices and 80,000 ...
-
Network Security Architect
2 days ago
The Rockridge Group New York, United StatesJob Description · Job DescriptionNetwork Security ArchitectPrincipal Responsibilities:Architect and implement network communication and telephony solutions · Secure and harden the network, server, data and end user infrastructure · Architect and implement end user device solution ...
-
GCP Security Architect
1 day ago
Publicis Sapient New York, United StatesJob Description · As a GCP Security Architect , you will be a part of a smart cross-functional team delivering digital business transformation solutions to our clients. You'll have the unique opportunity to increase the engineering team productivity by developing and overseeing t ...
-
Network Security Architect
1 day ago
InfoPeople New York, United StatesResponsibilities: · • Develop, implement, and manage comprehensive network security design, policies, plans, and procedures, encompassing security architectures, firewall policies, intrusion detection systems, and security data collection systems. · • Detect, investigate, mitigat ...
-
Security Architect – IAM
5 days ago
Cognizant Technology Solutions New York, United States OTHERSecurity Architect – IAM · Location : NYC ( ONSITE ) · Roles and responsibilities :- · 10+ years of experience in Identity & Access Management · Strong experience in Microsoft Entra ID Administration with users, groups and roles management etc. · Strong experience (8+ years) in ...
-
Industrial Staffing Services Inc dba Equiliem New York, United StatesJob Description: PLEASE NOTE THIS POSITION WILL ALLOW CONSULTANT TO WORK REMOTELY, WITH MANAGERIAL DESCRETION. HOWEVER, THE CONSULTANT WILL NEED TO BE ONSITE 3 TIMES PER WEEK, AT A MINIMUM. THEREFORE, CONSULTANT NEEDS TO BE LOCAL TO NYC AND ABLE TO TRAVEL TO OUR OFFICE WITHOUT IS ...
-
Equiliem New York, United States· Job Description: · *PLEASE NOTE THIS POSITION WILL ALLOW CONSULTANT TO WORK REMOTELY, WITH MANAGERIAL DESCRETION. HOWEVER, THE CONSULTANT WILL NEED TO BE ONSITE 3 TIMES PER WEEK, AT A MINIMUM. THEREFORE, CONSULTANT NEEDS TO BE LOCAL TO NYC AND ABLE TO TRAVEL TO OUR OFFICE WIT ...
-
Information Security Prnc Architect
1 week ago
City National Bank New York, United StatesOverview: · INFORMATION SECURITY ARCHITECT (TECHNICAL SERVICES MANAGEMENT) WHAT IS THE OPPORTUNITY? The Information Security Architect plays key role in the Information Security program with responsibility to lead and oversee the design and implementation of the bank's enterpris ...
-
AWS DevSecOps/Security Architect
5 days ago
InterEx Group New York, United StatesOne of InterEx's key clients within the financial industry is looking for an AWS Security/DevSecOps Architect for a full-time position. · Details: · This position will be 2 days on-site in Chicago or Dallas and 3 days remote. Please note, only US citizens or Green-card holders a ...
-
Solutions Architect III, Security
1 week ago
Zones New York, United StatesCompany Overview: · When it comes to IT solution providers, there are a lot of choices. But when it comes to providers with innovative and differentiating end-to-end service offerings, there's really only one: Zones – First Choice for IT.TM Zones is a Global Solution Provider of ...
-
National Principal Security Architect
1 week ago
ePlus Technology, inc. New York, United StatesOverview · **REMOTE OPPORTUNITY for candidates located throughout the contiguous United States. Candidates MUST be open to 20% travel.** · As a National Principal Security Architect (Palo Alto SME), you will be responsible for developing solutions around new and emerging techno ...
-
Cloud Security Architect
3 days ago
Oxenham Group Jersey City, United StatesCloud Architect · Our client is a technology services company specializing in migrating companies to the cloud by designing custom solutions to fit their business needs. They are looking to add an experienced Cloud Architect to their team: · Essential Duties and Responsibiliti ...
Cloud Security Architect - New York, United States - SMBC Group
Description
The anticipated salary range for this role is between $100,000.00 and $185, The specific salary offered to an applicant will be based on their individual qualifications, experiences, and an analysis of the current compensation paid in their geography and the market for similar roles at the time of hire. The role may also be eligible for an annual discretionary incentive award. In addition to cash compensation, SMBC offers a competitive portfolio of benefits to its employees.
Role Description
The Vice President, Cloud Security Architecture will be responsible for ensuring that Information Security systems and Cloud infrastructures are configured, deployed, and maintained in accordance with SMBC's polices and security standards. This position requires participation in technical research and development to enable continuing innovation for Cyber Security and Information Risk management.
This role is part of a team responsible for administering security projects designed to safeguard SMBC's Cloud infrastructures which is made up of Azure, AWS and GCP. The Vice President of Cloud Security Architecture focuses on implementing and engineering information security solutions using industry's best practices, defining and documenting projects, creating and executing project plans, engaging in project cost management, resource management and performing periodic reporting. This position requires participation in technical research and development to enable continuous innovation for Cyber Security and Information Risk department. Acts as a subject matter expert who utilizes his/her Cloud Security Engineering expertise to resolve complex problems in consideration of established policies, guidelines, or processes. Reports to Head of Cloud Security Architecture with reporting lines into the Head of InfoSec of Americas Division.
Role Objectives
Qualifications and Skills