Security Architect

at DTCC
Location Tampa, FL
Date Posted July 13, 2021
Category Default
Job Type Contractor
Full-time

Description

Why you'll love this job:

Being a member of the Technology Risk Management (Information Security) office, the Security Architect is an authority with strong desire to learn and experiment with new technologies. This candidate will be responsible for providing highly sophisticated technical and analytical skills to the Technology Risk (TR), Information Security. Under the supervision of the Director of the Security Technology Team, this position will assist in the development and assessment in the areas of cloud security architectures, designs, policies, and control standards with a special emphasis on Amazon Web Services (AWS) and Microsoft Azure. Works with other senior system and application architects to ensure technical quality of sophisticated security focused work and alignment to security standards, governance, and controls practices. Incumbent should be considered a security and technical specialist in cloud and Distributed Ledger Technology (DLT) security technology, architecture, designs, systems implementation, and integration, with deep, niche knowledge of AWS, Azure, and multiple block chain protocol and networks. Conducts technical research when vital to supply to setting corporate security direction and strategy.

Your Responsibilities

  • Provides Cloud Security master level advice and mentorship related to all DTCC activities including Information as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) initiatives, projects, plans, and reviews with a niche focus on Amazon Web Services (AWS)
  • Conduct detailed risk and security assessments for DLT solutions in scope to resolve feasibility of successful implementation
  • Engage with technical teams in education /advocacy of security for proposed DLT solution. Ensure the proposed DLT solutions meets the corporate security controls and policy standards in crafting & operating the applications
  • Works cross functionally to evolve DLT and cloud based DTCC products while adhering to DTCC’s Information Security Policies and Control Standards
  • Provides cutting edge security mentorship and assistance to development teams using the concepts of DevSecOps
  • Assists project teams during system design and project lifecycle to: define time tables and project plans, including achievement definitions and progress tracking; draft logical architectural and design models with a focus on cloud security; Consults with application development teams to resolve cloud security requirements and for planning and delivering cloud based business solutions; promote the efficient deployment of IT assets to cloud environments in a secure and policy compliant manner, ensures compliance with security policies, guidelines, standards, controls, and governance
  • Participates in working groups of domain specialists for definition and review of security standards, guidelines, principles, governance, and controls
  • Actively gives senior information security architectural advice to TR members, multi-functional application development teams, various councils and committees and architecture roundtable meetings
  • Works closely with multiple senior security architects to ensure a shared vision across DTCC for cloud architecture and security
  • Gives to overall strategy and cloud development by crafting, developing, and implementing new cloud security technologies as vital to support DTCC business and solutions
  • Defines, publishes, and maintains processes for security governance (i.e. compliance to principles, guidelines, and standards)
  • Coordinates the monitoring of the life cycle of specific cloud security assets
  • Identifies, understands, and documents extensions to, and variants from, cloud security and architecture standards
  • Mitigates risk by following established procedures, spotting key errors, and demonstrating strong ethical behavior

Qualifications

  • Deep knowledge and experience of cloud computing infrastructure, application development methodologies, best approach, and available and emergent services in several cloud provider environments including Amazon Web Services (AWS) and Microsoft Azure
  • Knowledge of various blockchain networks, token protocols, consensus algorithms, public and private key cryptography, symmetric, hash functions, encryption/signatures
  • Shown knowledge of technical infrastructure, networks, databases, and systems and how they affect an organization’s cybersecurity risk
  • Validated knowledge of security methodologies, policies, standards, and best plan of attack.
  • Confirmed knowledge of information technology systems, infrastructure, and operations
  • Ability to explain and articulate technical concepts using both technical and non-technical language
  • Critical thinking and analytical skills
  • Able to work closely by building consensus and influencing decision making to develop forward progress with projects and initiatives
  • Strong oral and written communication skills
  • Good interpersonal skills, coupled with ability to be versatile and flexible
  • Sound business judgment and the ability to work optimally with all levels of management

Experience:

  • Experience using cryptography material such as certificates for identity management to authenticate members, transactions etc.
  • Experience with Docker, Kubernetes, and other container orchestration solutions.
  • Experience and/or certifications with Amazon Web Services, Google Cloud Platform, or Microsoft Azure; namely choosing platform components and assembling application and runtime architecture
  • 3 or more years of hands-on experience with one or more blockchain platforms: R3 Corda, Hyperledger Fabric, DAML, Enterprise Ethereum, Hyperledger Besu
  • 5 - 7 years of risk assessment experience in one or more areas: application, infrastructure, vendor risk management
  • Financial Services Industry experience a plus but not required
  • Proficiency with Information Risk Management standard methodologies

Education, Training and Certification:

  • Minimum of 10 years of related experience
  • Bachelor's degree preferred with master’s or equivalent experience

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.