Associate Director Security Architecture (Data Architect)

Job Description

The impact you will have in this role:

You will also influence changes in existing control standards, create new IT security standards that are easily consumed by stakeholders, create specific security patterns & diagrams, and own the relevant 3-year capability roadmap. This role will be key in ensuring a Security-First mindset during DTCC's technology modernization journey.

Your Primary Responsibilities:

• Produce security architecture deliverables as part of initiatives related to DTCC data and its consumption modes.
• Proactively identify security gaps, propose solutions, and follow through with engineering teams for implementation.
• Be the subject matter expert for Data Security through the enterprise along with the security architecture team.
• Inspire team members and junior staff to contribute new ideas and alternative approaches.
• Design and optimize solutions to protect organization's data infrastructure, integrating cloud-based and on-premise components such as DLP, IPS, WAF, Proxy, access control management.
• Create and drive the internal and client data security capability roadmap within information technology & the respective IT stakeholders.
• Create and drive the Zero Trust data modernization roadmap within information technology & the respective IT stakeholders.
• Design Zero Trust data security controls through modern security technologies such as DSPM, DLP.
• Influence change of control policies with Technology Risk Management & build strong partnerships with IT Architecture & Application Development partners.
• Create IT security standards and drive best-practices which are easily consumed by IT stakeholders.
• Lead the technical analysis of data security capabilities with the aim of delivery new or enhanced security capabilities.
• Identify automation opportunities for data security controls lifecycle management.
• Act as the domain specialist to help guide and shape how network security controls are enabled and enforced.
• Mentor junior security architects to enhance their security and architecture skills within the team.
• Deliver high-quality executive architecture presentations and demonstrations.
• Maintain professional and technical process knowledge by keeping abreast of the changing security landscape within the technology industry and changes in cybersecurity frameworks.
• Create white papers and presentations in industry conferences to present thought leadership in security field.
• Align risk and control processes into day-to-day responsibilities to monitor and mitigate risk; escalates appropriately

Qualifications:

• 10+ years of related experience
• Bachelor's degree preferred in STEM areas such as Computer Science, Electrical & Computer Engineering, Information Management, Big Data & Analytics

Talents Needed for Success:

• Solid understanding of data security principles and encryption trends including quantum-resistant cryptography.
• Understanding of applied cryptography, key management, encryption at-rest and in-transit use cases and requirements.
• Experience in designing and implementing complex cloud architectures and cloud-native services.
• Solid working knowledge with data loss prevention techniques and DLP technologies.
• In-depth technical knowledge with DSPM, ASPM platforms.
• Technical understanding of Hardware Security Modules design and experience deploying and operating HSM-based solutions.
• Post Quantum Computing & Encryption knowledge is a plus.
• In-depth knowledge of at-rest/in-transit/in-use security controls, data classifications.
• Strong Information Security experience, specifically in data security domain (on premise and hybrid-cloud).
• Solid working knowledge with Next Gen firewalls, WAFs, proxies, IPS, traffic capturing and inspection technologies.
• Provide expert knowledge and experience performing deep packet troubleshooting and analysis with Wireshark, packet analyzer.
• In-depth knowledge of Zero Trust paradigm and data pillar designs improvements aligned with Zero Trust best practices.
• Working knowledge with 3+ vendors such as: Wiz, Zscaler, Akamai, Cloud-based data security services (AWS Macie, Azure Purview).
• Experience in data aggregation and transformation processes, ETL, unstructured and structured data schema processing and mapping, data pipelines, data repositories and warehouse strategies.
• Experience with monitoring and data analysis tools such as Splunk, Elastic, Power BI, Tableau.
• Fluent in one or more programming languages.
• Solid experience with Python and PowerShell, networking fundamentals, OS (Windows/Linux) security.
• Experience with Information Security frameworks (e.g. ISO 27001 and NIST) & security architecture frameworks.
• Proficient in how Active Directory works.
• Familiar with PKI and SSL Certificate management.
• Solid analytical skills to troubleshoot high-level, complex and technical problems.
• Strong organizational skills and multi-tasking ability.
• Ability to prioritize and execute tasks in high pressure environment and make sound decisions in emergency situations.
• Strong technical writing skills to support required documentation.
• Has strong communication skills with the ability to present in front of large audience.
• Demonstrated ability to collaborate between product management, engineering, risk, and IT teams.
• Willingness to learn, be a team player and a strong cross functional partner.
• Adapts quickly to changes in business requirements.
• Self-motivated individual that can work independently on projects, as well as a team player working towards a common goal.
• Demonstrated ability to collaborate between product management, engineering, risk, and IT teams.
• Willingness to learn, be a team player and a strong cross functional partner.
• Adapts quickly to changes in business requirements.
• Self-motivated individual that can work independently on projects, as well as a team player working towards a common goal.

Please contact us to request accommodation.