Develops and implements global security architecture solutions using formal risk management methodologies. ...
Develops and implements global security architecture solutions using formal risk management methodologies. Develops information security architecture to enforce security requirements and address identified risks. Works with other IT staff to ensure design achieves both business and technical requirements.Evaluates vendor products for security capabilities. Remains current on IT Security/Architecture trends. Contributes to the achievement of multiple teams' objectives
About the position:
The Next Generation Infrastructure Security Architect establishes technical strategies of innovative security and emerging technologies which are functional and secure based on International and Federal standards and financial industry best practices for Bank of New York Mellon and its boutiques. This position will perform technical support across the CISO team, business lines and technology teams around a multitude of security technologies, across all types of Infrastructure, Platform, and Software. This position supports the secure design, development, implementation, and/or integration of next generation technologies across the bank's entire line of services and the bank's cybersecurity program. Responsible for ensuring that emerging technologies and FinTech solutions will be functional and secure within the bank's computing and networking environments and in alignment with relevant bank security policies and directives.
Duties: Lead security technology requirements and architectural Network/ Systems infrastructure and blueprint delivery on emerging technologies and FinTech. Current technology focus areas include Blockchain, Public / Private / Hybrid Cloud Strategies, Mobile Solutions, Deceptive Technologies and Automation. Provide guidance and assistance to senior level technology and business managers in researching innovative and disruptive technologies. Operate as a transformation agent to upgrade and enhance Business as Usual (BAU) process in Security Operations, Engineering, governance and other control/technical processes to deploy securely. Balance big-picture perspective with hands on execution to devise economically viable security by design solution for complex cross functional projects with a focus on Network/ Systems Infrastructure security . Network/ Systems Infrastructure design security documents including references architectures and design blueprints. Support the development of policies and best practices as new technologies are introduced and threat landscape expands. Assist operations team in security evaluation of internal and third-party developed hardware, software, documentation, testing, and document evaluation findings in reports and briefings. Evaluate and apply international, federal, and state cyber-security (ISO, NIST, Fed, OCC, SEC, etc.) policies and instructions to ensure system and interface requirements support cyber-security needs.
Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred 10-12 years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus
Desired skills: Ability to see the "big picture" while focusing on small components of the overall vision. Have previous experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development, application security, data protection, cryptography, key management, identity and access management, network security) Possess working knowledge of common and industry standard identity and access management mechanisms (SAML, OAuth, Kerberos, Active Directories, etc) and cryptography (key management, encryption, etc.) Demonstrated hands-on security architect with experience architecting Information Security systems/services