Skip to main content
Location Dorchester, United States Category Information Technology Date posted 14/06/2021 Job ID 2102434
Security Architect-2102434

Description

The Security Architect is responsible for designing, developing, comprehensive security architectures, strategies, policies and programs to assess, prioritize, and mitigate business risk with technology controls in business applications. The role’s specific focus includes mitigating and managing cyber security threats to the cloud, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity. 

Key functional / specialized disciplines or practice areas for this Job Family include but are not limited to the following: 

Cyber Security (Architecture, Development):

  • Assess architectural patterns for service account authentication, Privileged Access Management, secdevops pipeline, security logging and monitoring, audit logging, and compliance guidance and monitoring
  • Responsible for protecting the Bank, customers and employees by mitigating and identifying technology threats to Santander
  • Provide expertise for cyber security technical and non-technical solutions; review and provide guidance enabling business system in the cloud while leveraging Platform as a Service (PaaS), Infrastructure as a Service (IaaS) and Software as a Service (SaaS) in a manner that adheres to Santander information security policy and standards
  • Review and approve target state deployment topology, High-Level Architecture and Private Link interactions for the Public Cloud Workloads
  • Provide consultative support to application teams including assessment of connectivity requirements, VNet/VPC, and subnet design and recommendations

Experience:

  • Designed application authentication and authorization solutions including Single-Sign On, Multi-Factor Authentication, OAuth, OpenID Connect, Sentinel, Dome9, Qualis, Azure Key Vault and related technologies for workloads moving to the cloud
  • Experience with Scrum, Kanban and SAFe Agile practices and strong aptitude to work in a DevOps culture and environment
  • Full-stack development experience building application software, test automation, and infrastructure as code
  • Hands-on work experience working with SOAP and REST APIs, microservices design
  • Experience in private network connectivity using Express Routes, Direct Connect, etc.
  • Familiarity with load balancing technologies - ILB (Internal Load Balancers), Application Gateway, WAF (Web App Firewall), F5 appliance solutions, etc.
  • Familiarity with network security principles (Network Security Groups, Application Security Groups), Private Link Services, Service Endpoint, Service Tags, etc.

Cloud Computing:

  • Thorough understanding and experience with AZURE & AWS native controls
  • Ability to configure, manage and apply Security best practices as per defined standards on Azure Security Center
  • Good knowledge / hands-on experience in the following
    • Network Security Groups and Micro-segmentation concepts
    • UDR and Load balancers
    • VPN Gateways and ExpressRoute connection
    • Azure Firewalls
    • Service tags and service endpoints
    • NAT and PAT concepts
    • Automation frameworks (Terraform, Ansible, Chef, Puppet) and automation scripts to support the Azure environment tools (Azure Resource Manager Templates)
    • Operation Management Suite (OMS) queries using Kusto query language (KQL)
    • Familiarity with OWASP and integrations with static code analysis and dynamic code analysis tools

Qualifications

  • Bachelor's Degree in Computer Science or equivalent field or equivalent work experience
  • Minimum 12 years of prior relevant experience including prior management experience
  • Minimum 3 years of financial services experience
  • Advanced Information Security Certification (ISACA or equivalent)

At Santander, we value and respect differences in our workforce and strive to increase the diversity of our teams. We encourage everyone to apply.

Job

:Information Security

Primary Location

:Massachusetts-Dorchester-2 Morrissey Boulevard - 06367 - Columbia Park-Corp

Organization

:Technology (5900)

Schedule

:Full-time

Job Posting

:Jun 14, 2021, 11:41:09 AM

Apply for role

Sign up and be the first to receive our latest job updates.

Interested InSearch for a category and select one from the list of suggestions. Search for a location and select one from the list of suggestions. Finally, click “Add” to create your job alert.

  • Information Technology, Dorchester, Massachusetts, United StatesRemove