Security Architect – Pittsburgh, PA – Hybrid

Location: Hybrid

Job Type: Full Time / Permanent

Position Summary

The Security Architect will lead cybersecurity architecture and design functions to support delivery of both business and technology solutions.

Primary Success Factors

  • Drive design, strategy and execution across multiple technology security architectures including application, cloud, information security and infrastructure
  • Lead and enable core security practices within the Cloud based container based architecture including Docker, Microservices and AWS.
  • Lead information security reviews of technology environments and business unit services
  • Lead security implementation plans with cross-functional teams
  • Drive implementation of security standards and practices to support a strong security posture
  • Lead design of information security orchestration to automate key processes
  • Lead information security integration in DevSecOps continuous integration / deployment code pipeline processes
  • Support execution of security incident response processes
  • Lead security elements of software development lifecycle process specifically static code analysis, open source composition analysis and dynamic code analysis
  • Identify process and operational improvements to extract further value from existing information security investments in order to meet dynamic compliance, regulatory and security requirements
  • Serve on the Enterprise Architecture Group to advise on information and cyber security principles
  • Understand emerging information security solutions and apply to advance the security program

Required Experience

  • A minimum of seven years of broad level experience in architecting technology and information security eco-systems across a variety of technical and business disciplines
  • Bachelor’s degree in Information Systems or related field or an equivalent combination of education and work experience
  • Industry certification or eligibility preferred (e.g. CISSP, CCSP, ISSAP, AWS security certifications)
  • Strong working knowledge of cybersecurity architecture and engineering,  technology control frameworks and standards, and information security best practices
  • Deep knowledge of cloud and container based technology architectures including Kubernetes, AWS, Microservices and Docker.
  • Deep understanding of Identity & Access Management architecture and process concepts
  • Strong understanding of continuous development/continuous integration processes and toolsets (ie: Jenkins, Nexus), IaC and development tools
  • Knowledge of control activities in the areas of change management, computer operations, database administration, information security administration, network security, operating system security and application security
  • Knowledge of current tools/practices for developing and publishing policies, procedures, metrics and other information
  • Knowledge of security design in cloud architectures including Amazon Web Services and Microsoft Azure
  • Knowledge of Bank business applications is a plus
  • Knowledge of data query, analysis, and scanning tools and techniques
  • Strong interpersonal, written and oral communication, and analytical skills
  • Ability to manage multiple priorities, work independently, coordinate work assignments with management throughout the organization and reliably meet commitments
  • Strong aptitude for technology and an ability to learn quickly