Security Architect (Architecture, Development)

Minimum 12 years of prior relevant experience including prior management experience, Minimum 4 years security architecture experience, Minimum 3 years of financial services experience, CISSP, CRISC, CCSP
Contract W2, Contract Independent, Contract Corp-To-Corp, 12 Months
Depends on Experience

Job Description

Corus is Looking for 

Description:

• Assess architectural patterns for service account authentication, Privileged Access Management, DevSecOps pipeline, security logging and monitoring, audit logging, and compliance guidance and monitoring. 

• Assess against industry security standards such as SAML and OAUTH2 

• Responsible for protecting the Bank, 

• Provide expertise for cyber security technical and non-technical solutions; review and provide guidance enabling business system in the cloud while leveraging Platform as a Service (PaaS), Infrastructure as a Service (IaaS) and Software as a Service (SaaS) in a manner that adheres to Santander information security policy and standards. 

• Contribute, Review and approve target state deployment topology, High-Level Architecture and Private Link interactions for the Public Cloud Workloads 

• Share cloud technology expertise with application architects and provide consultative support to application teams including assessment of connectivity requirements, VNet/VPC, and subnet design and recommendations 

• Represent Information Security within a cross functional architecture team 

• Participate in the architectural process both waterfall and agile 

• Lead the architecture of tools, processes, and software pipelines of Information Security tower within Agile 

  

Communication: 

• Primary author of project security architecture 

• Interface with project managers 

• Executive Level Presentations 

• Prepare presentations to auditors 

  

Experience: 

• Designed application authentication and authorization solutions including Single-Sign-On, Multi-Factor Authentication, OAuth, OpenID Connect, Sentinel, Dome9, Qualys, Key Vault and related technologies for workloads moving to the cloud. 

• Experience with Scrum, Kanban and SAFE Agile practices and strong aptitude to work in a DevOps culture and environment. 

• Full-stack development experience building application software, test automation, and infrastructure as code 

• Familiar with cloud automation frameworks (Terraform, Ansible) and cloud provided automation tools (Azure Resource Manager Templates). 

• Hands-on work experience working with SOAP and REST APIs, microservices design 

• Experience in private network connectivity using Express Routes, Direct Connect, etc. 

• Familiarity with load balancing technologies - ILB (Internal Load Balancers), Application Gateway, WAF (Web App Firewall), F5 appliance solutions, etc. 

• Familiarity with network security principles (Network Security Groups, Application Security Groups), Private Link Services, Service Endpoint, Service Tags, etc. 

• Experience in financial services applications 

  

Cloud Computing: 

• Thorough understanding and experience with AZURE & AWS native controls 

• Good knowledge / hands-on experience in the following in AZURE & AWS 

• Network Security Groups and Micro-segmentation concepts 

• UDR and Load balancers 

• VPN Gateways and ExpressRoute connection 

• Azure Firewalls 

• Service tags and service endpoints 

• NAT and PAT concepts 

• Automation frameworks (Terraform, Ansible, Chef, Puppet) and automation scripts to support the Azure environment tools (Azure Resource Manager Templates) 

• Operation Management Suite (OMS) queries using Kusto query language (KQL) 

• Security Events and Incident Management (SEIM) 

• Familiarity with OWASP and integrations with static code analysis and dynamic code analysis tools. 

  

Qualifications 

• Typically requires a University Degree or equivalent experience. 

• Minimum 12 years of prior relevant experience including prior management experience. 

• Minimum 4 years security architecture experience 

• Minimum 3 years of financial services experience 

• Advanced Information Security Certification from (ISC)2, ISACA or equivalent (CISSP, CRISC, CCSP, etc.) 

 

It is also a plus if this candidate is fluent in Spanish. 

 

Dice Id : 10369619
Position Id : 318750987
Originally Posted : 3 months ago
Have a Job? Post it