Pittsburgh, PA, United States
Security Architect
Job Description:
Prequel is seeking an Security Architect role.
Primary Success Factors
- Drive design, strategy and execution across multiple technology security architectures including application, cloud, information security and infrastructure
- Lead and enable core security practices within the Banks Cloud based container based architecture including Docker, Microservices and AWS.
- Lead information security reviews of technology environments and business unit services
- Lead security implementation plans with cross-functional teams
- Drive implementation of security standards and practices to support a strong security posture
- Lead design of information security orchestration to automate key processes
- Lead information security integration in the Banks DevSecOps continuous integration / deployment code pipeline processes
- Support execution of the Banks security incident response processes
- Lead security elements of the Banks software development lifecycle process specifically static code analysis, open source composition analysis and dynamic code analysis
- Identify process and operational improvements to extract further value from existing information security investments in order to meet dynamic compliance, regulatory and security requirements
- Serve on the Banks Enterprise Architecture Group to advise on information and cyber security principles
- Understand emerging information security solutions and apply to advance the Banks security program
Required Experience
- A minimum of seven years of broad level experience in architecting technology and information security eco-systems across a variety of technical and business disciplines
- Bachelors degree in Information Systems or related field or an equivalent combination of education and work experience
- Industry certification or eligibility preferred (e.g. CISSP, CCSP, ISSAP, AWS security certifications)
- Strong working knowledge of cybersecurity architecture and engineering, technology control frameworks and standards, and information security best practices
- Deep knowledge of cloud and container based technology architectures including Kubernetes, AWS, Microservices and Docker.
- Deep understanding of Identity & Access Management architecture and process concepts
- Strong understanding of continuous development/continuous integration processes and toolsets (ie: Jenkins, Nexus), IaC and development tools
- Knowledge of control activities in the areas of change management, computer operations, database administration, information security administration, network security, operating system security and application security
- Knowledge of current tools/practices for developing and publishing policies, procedures, metrics and other information
- Knowledge of security design in cloud architectures including Amazon Web Services and Microsoft Azure
- Knowledge of Bank business applications is a plus
Required Skills:
Security