Chief Security Architect

New York, NY, USA

Job Type

Full Time

Workspace

About the Role

The Chief Architect, Security is responsible for the overall design, development, and implementation of the enterprise security architecture. This role ensures that all technology solutions and systems are designed with the highest security standards to safeguard against cyber threats and align with regulatory requirements. The Chief Architect will collaborate with other architecture teams, IT leadership, and business stakeholders to embed security into every layer of the organization’s technology stack.

Key Responsibilities:

Security Architecture Strategy:
Define and execute the organization’s long-term security architecture strategy, ensuring alignment with business goals and evolving cyber threat landscapes.
Develop and maintain a comprehensive security reference architecture, including network, application, data, and cloud security, that guides technology decisions across the enterprise.
Lead the design of secure, scalable, and resilient infrastructure to support financial services applications, data management, and transactional systems.
Solution Design & Integration:
Collaborate with IT, DevOps, and product teams to design secure solutions for cloud (AWS, Azure), on-premises, and hybrid environments, ensuring security is integrated into the full lifecycle of systems and applications (DevSecOps).
Drive the selection and implementation of security technologies such as encryption, firewalls, identity & access management (IAM), secure coding practices, and vulnerability management solutions.
Ensure all systems and solutions comply with relevant regulations (e.g., NYDFS, GLBA, SOX) and industry standards (e.g., PCI-DSS, ISO 27001, NIST).
Risk Assessment & Mitigation:
Conduct architecture risk assessments to identify security vulnerabilities in technology solutions, including cloud infrastructure, applications, and third-party integrations.
Design and implement security controls to mitigate identified risks while balancing operational efficiency and user experience.
Establish processes for continuous security assessment, testing, and improvement of systems across the enterprise.
Collaboration & Stakeholder Management:
Act as a key advisor to the CISO, CTO, and other executive leadership on architectural security issues, potential risks, and mitigation strategies.
Partner with other architects (network, application, infrastructure) to ensure security by design is embedded across all IT domains.
Lead the dialogue with business stakeholders to translate business requirements into secure technical designs that support business agility and growth.
Emerging Technologies & Innovation:
Stay ahead of the curve on emerging security technologies, threats, and industry trends (e.g., quantum computing, blockchain, zero trust architecture).
Evaluate and implement next-generation security architectures to address evolving threat vectors, particularly in areas such as API security, secure data sharing, and machine learning-driven analytics.
Recommend and integrate innovative security solutions that support advanced financial applications, real-time trading, and high-volume transaction processing.
Governance & Compliance:
Ensure security architecture frameworks adhere to relevant regulatory requirements (e.g., SEC, GDPR, CCPA) and company-wide security policies.
Oversee security architecture reviews of new and existing systems to ensure compliance with regulatory frameworks and internal governance.
Provide guidance for the remediation of audit findings and manage remediation plans for non-compliant systems.
Team Leadership & Development:
Build and mentor a team of security architects, fostering a culture of innovation, continuous improvement, and excellence.
Provide technical leadership and guidance on security best practices to cross-functional teams including development, infrastructure, and operations.
Lead security training initiatives to raise awareness and educate stakeholders on secure development practices.
Qualifications:

Bachelor's degree in Computer Science, Information Security, or a related field (Master’s degree preferred).
10+ years of experience in information security, with a focus on security architecture and design, including 5+ years in a leadership role.
Strong knowledge of security frameworks (e.g., NIST, ISO 27001), regulations (e.g., NYDFS, PCI-DSS), and best practices within the financial services industry.
Hands-on experience designing secure architectures for complex enterprise environments, including cloud services, APIs, microservices, and distributed systems.
Familiarity with identity and access management (IAM), encryption technologies, public key infrastructure (PKI), and secure coding practices.
Experience with DevSecOps and integrating security into CI/CD pipelines.
Strong technical understanding of cloud security models, particularly with AWS, Azure, and Google Cloud.
Certifications such as CISSP, SABSA, TOGAF, or AWS Certified Security Specialty are highly desirable.
Preferred Qualifications:

Proven experience within the financial services industry, particularly in roles supporting trading platforms, banking systems, or fintech environments.
Expertise in the design and implementation of zero trust architecture and secure APIs.
Experience with regulatory compliance, especially in relation to financial institutions (e.g., GLBA, FFIEC, SOX).

Requirements

About the Company

A leading financial services company.
