Vacancy expired!
- Produce security architecture deliverables as part of initiatives related to network security
- Partner with IT teams to improve the network security services for the enterprise
- Proactively identify security gaps, propose solutions, and follow through with engineering teams for implementation
- Innovate and think outside of the box to solve complex issues
- Create and drive the IAM security capability 3-year roadmap with within Cybersecurity Services & respective IT stakeholders
- Influence change of control policies with Technology Risk Management & build strong partnerships with IT Architecture & Application Development partners
- Create IT security standards easily consumed by IT stakeholders
- Build access management security patterns (standardizing authentication/authorization flows, single-sign-on/MFA, provisioning, user behavior analytics, access governance system controls, privileged/secrets mgt) and designs as part of initiatives to modernize the DTCC access management security posture
- Identify access management gaps through proactive discovery and partner with app dev teams for remediation
- Evaluate the existing application security controls, on-premise and cloud, identify improvements, and build plans into the application security capability roadmap for implementation
- Mentor junior security engineers to enhance their security skills within Cybersecurity Services
- Maintains professional and technical process knowledge by keeping abreast of the changing security landscape within the technology industry and changes in cybersecurity frameworks
- Create white papers and present in industry conferences to present thought leadership in the security field
- 8-10 years of related experience
- Bachelor's degree preferred
- Strong Cybersecurity experience across network, application (web, API) & public/private cloud security architecture (web application firewalls, containers, etc)
- Experience in architecting IAM sub-capabilities (authentication/authorization, user behavior analytics, provisioning)
- Strong experience in identifying access management control gaps
- Understanding of core cryptography concepts
- Experience with Information Security frameworks (e.g. ISO 27001 and NIST) & security architecture frameworks
- Experience architecting automated data center processes, including provisioning, application and patch management, monitoring and alerting, capacity monitoring and planning, leveraging execution and human approval workflow design and implementation
- Experience in OS security (Windows, Linux) and RDMS is preferred
Vacancy expired!