Senior Information Security Architect II

When you join Sallie Mae, you become a champion for all students.

We're on a mission to power confidence as students begin their unique journey. To help them plan their higher education, successfully finish, and prepare for life after school. To help them Start smart. Learn big.

Students need guidance navigating this important time in their life. They need someone who acknowledges that their education path is unique. They need a partner willing to evolve and not only meet but surpass their expectations. We're changing. Because students need a better way.

We're looking for people who are excited to drive this transformation. To break barriers and think of new ways to adapt, help, and create better experiences for students-and for each other.

This is where diverse backgrounds, beliefs, and perspectives matter. It's where you're empowered to bring your authentic self to work.

Feeling your best allows you to do your best. Our benefits take care of the whole you-from physical and mental to financial and professional. You'll get opportunities to further your education and career, support for you and your family (including your pets!), paid time off to volunteer for the things that matter to you, and more.

We're obsessed with impact and making a real difference. For us, that means putting relationships first, asking "why not?" when tackling challenges, and continuously learning new skills.

Come do more than join something, change something. For students, for future generations, for the future of education.

As a security architect with a specialization in enabling rapid and durable DevSecOps capabilities, you will be a strategic leader in shaping security posture of the organization's enterprise architecture. You will architect resilient, compliant, and scalable solutions that protect critical assets, mitigate risks, and enable durable secure application development lifecycle that can be leveraged by all application development teams.

In this role, you will work closely with the enterprise architects and solution architects to ensure security is embedded across all architectural layers and aligned with business objectives and regulatory requirements. Your leadership will help the organization operate confidently in a dynamic threat environment while contributing to the development of enterprise-wide architectural principles, patterns, and standards to achieve our Secure-by-Design strategic intent.

What You'll Do

• Contribute to the success of Enterprise Architecture foundation and framework.
• Partner with other Enterprise Architects to articulate and evolve architectural principles, reusable patterns, and technology standards that promote secure design and interoperability.
• Partner with other Solutions Architects and Application Development Leaders to develop and implement durable security controls anchored in OWASP ASVS for the secure application development environment.
• Collaborate with the information security team to evangelize security best practices across the organization, promoting awareness and adoption among technical and non-technical stakeholders to establish security-first culture.
• Conduct risk assessments and threat modeling to identify vulnerabilities and implement mitigation strategies, including security controls, encryption, and access management solutions.
• Evangelize secure-by-design principles across the organization, promoting awareness and adoption among technical and business stakeholders.
• Partner with IT, DevOps, and business units to integrate security into system designs and promote a security-first mindset.
• Stay ahead of emerging security threats and trends, proactively addressing risks and advising on innovative solutions like zero-trust architecture and secure APIs.

The above information is intended to describe the general nature and level of work performed by employees assigned to this job; it is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees in this role.

What You Have

Minimum education, skills and experience required.

• Thorough understanding of how security frameworks and architecture (e.g., NIST Cybersecurity Framework, MITRE ATT&CK framework, Zero Trust, PCI) is applied in a regulated financial services environment, from public-facing online service offerings to backend enterprise data processing and automation.
• Track record of formulating and transforming security frameworks and application security verification best practices into practical repeatable patterns, templates and copybooks to be used in AzureDevOps software build pipelines and in AWS cloud resource configurations conforming to enterprise architecture standards.
• Background in secure system design, solid grasp of API-based identity, conditional access and fine-grained authorization management (IAAM), zero knowledge proof (ZKP), public key infrastructure (PKI), data encryption and network security.
• Strong knowledge of cloud security principles automating DevSecOps practices in Azure DevOps, automating test driven design such as Playwright MCP, building resilient AWS Compute and Storage workloads and securing Snowflake data sharing controls.
• Ability to evangelize security best practices and influence cross-functional teams.
• Experience delivering software projects in fast-paced, highly regulated environments (FDIC, etc.)
• Excellent leadership and communication skills to articulate complex security concepts to diverse audiences.
• Strong analytical and problem-solving skills to assess and mitigate risks.
• Ability to work collaboratively with information security teams, business stakeholders, and technical teams.

Preferred education, skills, and experience.

• A master's degree in computer science, engineering, or a related technical field is required.
• Preferred certifications: CISSP, CISM, CCSP, AWS Certified Security-specialty
• Minimum 10 years of experience in software architecture and design.
• 8+ years of experience in cybersecurity, with at least 5 years in enterprise architecture role.
• Familiarity with enterprise architecture frameworks (e.g., TOGAF, Zachman)

The Americans with Disabilities Act

The Americans with Disabilities Act of 1990 (ADA) prohibits discrimination by employers, in compensation and employment opportunities, against qualified individuals with disabilities who, with or without reasonable accommodation, can perform the "essential functions" of a job. A function may be essential for any of several reasons, including: the job exists to perform that function, the employee holding the job was hired for his/her expertise in performing the function, or only a limited number of employees are available to perform that function.

Feeling your best helps you do your best:

Our benefits take care of the whole you-so you can build your work around your life (not the other way around!).

• Competitive base salaries
• Bonus incentives
• Generous PTO, Floating Holidays and 12 Federal Holidays observed
• Support for financial-well-being and retirement 401k with employer match
• Comprehensive medical, dental, vision, hospital indemnity, critical illness, pet insurance and more
• Employer paid short-term/long-term disability and basic life insurance
• Flexible hybrid working arrangements.
• Paid parental leave and adoption reimbursement programs
• Free access to on-site staffed fitness centers (in Delaware) and gym subsidy (for locations outside Delaware)
• Confidential counseling support (EAP), Health Advocacy services and Wellness program with financial incentives
• Tuition Reimbursement and Family Scholarship Programs
• Career development and training opportunities

Not the right fit? Let us know you're interested in a future opportunity by clicking Introduce Yourself in the top-right corner of the page or create an account to set up email alerts as new job postings become available that meet your interest!

Sallie Mae is proud to be an equal opportunity (EEO) employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, sexual orientation, national origin, age, genetic information, gender identity, disability, Veteran status or any other characteristic protected by federal, state or local law. Click here to view the U.S. Pay Transparency Policy, here for federal job applicant notices, and here to view the California Employee Privacy Notice.

Reasonable accommodations are available for applicants with disabilities in all phases of the application and employment process. To request an accommodation please call and choose option 9. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.