Sr Security Solution Architect - Remote

The Sr Security Solution Architect will lead efforts to perform security assessments for existing applications and new technology initiatives with a focus on providing high quality, timely recommendations to our internal business partners. This individual will drive consistent response times from our internal review teams while tracking follow-up items from business partner teams to ensure security recommendations are implemented appropriately. The Sr Architect will drive joint-ownership and accountability through organized tracking systems and consistent communication with all parties involved in security reviews and recommendation implementation. This role will also provide guidance and hands-on experience to teams in design, development, and maintenance of network and security solutions. This role will include the design and development of security architecture policies, standards, and procedures for various network and security technologies. This role will include mentorship and guidance to CISO Org engineers on day-to-day tasks as well as troubleshooting assistance for complex issues. This individual will provide technical leadership and consulting to CISO organization engineering teams. This individual will help develop and mature Zero Trust Architecture, strategy, and standards while driving adoption and education across the enterprise. The Sr Security Solution Architect will track and report on zero trust maturity and all aspects of security architecture.

• Analyze business requirements to develop technical security solutions and their framework.
• Participate, lead, and jointly deliver security evaluation reports on cloud providers (Azure, AWS), cloud native platforms (PCF, Docker, Kubernetes, etc.), Platform as a Service solutions and Software as a Service solutions.
• Establish security requirements for cloud-based solutions by evaluating business strategies and requirements, in accordance with cloud infrastructure security standards such as ISO 27000 series, NIST CSF, and CSA
• Provide domain expertise in both public and private cloud and enterprise technology.
• Provide recommendations for improvement and risk reduction by assessing security posture and acting as a change agent with organizations to oversee vulnerability improvements with application teams.
• Drive continuous improvement for DFIN network security and product architectures assessing business and application requirements and recommending optimizations accordingly.
• Develop technology roadmaps including on-prem and cloud-based network and security solutions. Evaluate, select, test, and implement new or replacement security solutions as needed.
• Direct CISO Org and business partner teams to adhere to established standards, policies, procedures and configuration guidelines.
• Develop Functional, Nonfunctional and Business requirements documentation for new security initiatives. Actively review architecture ensuring adherence to security standards and policies.
• Develop and implement zero-trust strategy and architecture components. Guide and enforce adoption of zero trust guidelines across the organization.
• Provide technical leadership to CISO Org team on day-to-day tasks, participate in design meetings, vendor meetings and assist in solving complex and highly visible issues.
• Manage effective issue identification and resolution processes; serve as a senior escalation point for all enterprise network and security operations issues with a degree of quality that results in absolute root-cause determination and drive vendor partners to provide quality assurances by requiring immediate bug fixes, software updates, etc., as necessary to always ensure an Ideal Customer Experience.

• Provide recommendations to continuously drive optimized spending and ensure maximum value for solution investments. Develop business cases that justify adoption of appropriate security and infrastructure tools and solutions.
• Ensure communication of process and procedure changes to key stakeholders.
• Lead the identification, development, and collection of KPI metrics for CISO org.
• Research current industry technology to better facilitate vendor and partner communications.
• Cross functional collaborator who proactively drives security posture adoption and architectural alignment throughout the enterprise.
• Develop and deliver cross-training to other members of the team. Participate in and encourages a knowledge-sharing environment both within and outside the department.

• Establish and maintain strong partnership with the technical, business, customers, associates and sourcing stakeholders and vendors as necessary.
• Identify process improvement areas and lead the process improvement initiatives.
• Actively participate in industry/vendor forums to guide product development activities.

• Bachelor’s degree in related technical / business areas is required.
• Any relevant security certification is preferred but not required – CISSP, CCIE, CCDP, AWS/Azure certs, etc.

• Strong expertise of IT risks, cyber security, Cloud components, Routing Protocols, Security protocols and tools.
• Familiarity with Identity solutions, CI/CD tools, configuration and automation techniques, scripting languages, containers and orchestration solutions.
• Great communication and interpersonal skills.
• Expertise with network security products – Firewall, WAF, LB, DDOS.
• Expertise with networking products – Routers, Switches.
• Experience with cloud computing platforms including IaaS, PaaS, and SaaS delivery models’, key technologies include Azure, Office365, AWS, Google Cloud, container services, and CASB solutions.
• Knowledge of Zero trust, zone-based architecture, defense in depth, SASE, SSE, and micro-segmentation
• Knowledge of security best practices in hardening and protecting cloud environments, networks, servers, endpoints, applications, and databases
• Excellent written and verbal communications skills with experience presenting to leadership teams with the ability to communicate security and risk-related concepts to technical and non-technical audiences.