Principal Security Architect

Why you''ll love this job The Principal Security Architect it an Identity Access Management (IAM) Architect. Responsibilities include, but are not limited to, conducting a comprehensive review of the existing identity access management controls (on-premise and cloud), influencing change in the controls standards, creation of IT security standards easily consumed by stakeholders, creation of access specific security patterns & diagrams, and ownership of the IAM security capability 3 year roadmap. As a Cybersecurity ambassador, this role is essential as we shift to a Security-first culture in IT. What you''ll do Produce security architecture deliverables as part of initiatives related to network security Partner with IT teams to improve the network security services for the enterprise Proactively identify security gaps, propose solutions, and follow through with engineering teams for implementation Innovate and think outside of the box to solve complex issues Create and drive the IAM security capability 3-year roadmap with within Cybersecurity Services & respective IT stakeholders Influence change of control policies with Technology Risk Management & build strong partnerships with IT Architecture & Application Development partners Create IT security standards easily consumed by IT stakeholders Build access management security patterns (standardizing authentication/authorization flows, single-sign-on/MFA, provisioning, user behavior analytics, access governance system controls, privileged/secrets mgt) and designs as part of initiatives to modernize the DTCC access management security posture Identify access management gaps through proactive discovery and partner with app dev teams for remediation Evaluate the existing application security controls, on-premise and cloud, identify improvements, and build plans into the application security capability roadmap for implementation Mentor junior security engineers to enhance their security skills within Cybersecurity Services Maintains professional and technical process knowledge by keeping abreast of the changing security landscape within the technology industry and changes in cybersecurity frameworks Create white papers and present in industry conferences to present thought leadership in the security field Your talents needed for success 8-10 years of related experience Bachelor''s degree preferred Strong Cybersecurity experience across network, application (web, API) & public/private cloud security architecture (web application firewalls, containers, etc..) Experience in architecting IAM sub-capabilities (authentication/authorization, user behavior analytics, provisioning) Strong experience in identifying access management control gaps Understanding of core cryptography concepts Experience with Information Security frameworks (e.g. ISO 27001 and NIST) & security architecture frameworks Experience architecting automated data center processes, including provisioning, application and patch management, monitoring and alerting, capacity monitoring and planning, leveraging execution and human approval workflow design and implementation Experience in OS security (Windows, Linux) and RDMS is preferred

Created: 2021-11-29