Full-Time Principal Network Security Architect
The Cybersecurity Services (CS) domain within Information Technology has a mission to drive efficient and effective security capabilities through innovative thought leadership with a security first mindset which advances mission to protect and shape financial markets.
As the Principal Security Architect (Network) in Cybersecurity Services, you will be responsible for reviewing the existing network configuration (on-premises and cloud), proposing changes to existing control standards, crafting new IT security standards, designing network security patterns & diagrams, and driving the network security capability roadmap. This role is pivotal in the Security-First culture. This position reports to the Executive Director, Cybersecurity Architecture.
- Create and drive the network security capability 3-year roadmap with within Cybersecurity Services & respective IT partners
- Build IT network security standards easily consumed by IT partners
- Build network security patterns and designs as part of initiatives to modernize the network security posture
- Proactively identify network security control and architecture gaps & partner with infrastructure teams for remediation
- Mentor junior security engineers to improve their skills.
- 8-10 years of related experience
- Bachelor’s degree or equivalent experience
- Palo Alto (PCNSE, PCCSE, PCNSA) or Cisco (CCNP, CCIE) certifications preferred
- Strong Cybersecurity experience across network & public/private cloud security architecture (firewalls, IDS/IPS, network behavior analytics, DNS, WAF, DDOS protection, network segmentation, etc.)
- Experience with Information Security frameworks (e.g. ISO 27001 and NIST) & security architecture frameworks
- Experience with Cloud methodologies (IaaS, PaaS, SaaS), trends and industry-leading private/public/hybrid cloud vendor offerings and interoperability
- Experience designing, developing, configuring, implementing, and managing enterprise networks with diverse solutions from multiple vendors
- Experience with firewall policy, management, and automation tools is preferred
- PKI and digital certificate management, OS security (Windows, Linux), & RDMS experience is preferred