DirecciónSecurity Architect
Description
A Security Architect in a Cybersecurity IT role within a finance company plays a critical and multifaceted role focused on designing, building, and overseeing the implementation of network and computer security for the organization. Their primary goal is to ensure that the company digital assets are protected from unauthorized access, data breaches, and cyberattacks, which is crucial in the financial sector due to the sensitive nature of the information handled and the regulatory requirements for data protection and privacy.
Main Responsibilities:
· Assess architectural patterns for service account authentication, Privileged Access Management, secdevops pipeline, security logging and monitoring, audit logging, and compliance guidance and monitoring.
· Responsible for protecting the Bank, customers and employees by mitigating and identifying technology threats to Santander.
· Provide expertise for cyber security technical and non-technical solutions; review and provide guidance enabling business system while leveraging solutions such as Platform as a Service (PaaS), Infrastructure as a Service (IaaS) and Software as a Service (SaaS) in a manner that adheres to Santander information security policy and standards.
· Review and approve target state deployment topology, High-Level Architecture and data flows
· Share technology expertise with application architects and provide consultative support to application teams including assessment of connectivity requirements, VNet/VPC, and subnet design and recommendations
Requirements:
· At least 10 years of Experience (Infosec Experience)
· 5 Years in Architecture Experience
· Designed application authentication and authorization solutions including Single-SignOn, Multi-Factor Authentication, OAuth, OpenID Connect, and related technologies.
· Experience with Scrum, Kanban and SAFe Agile practices and strong aptitude to work in a DevOps culture and environment.
· Full-stack development experience building application software, test automation, and infrastructure as code
· Hands-on experience with cloud automation frameworks (Terraform, Ansible) and cloud provided automation tools (e.g. Azure Resource Manager Templates).
· Hands-on work experience working with SOAP and REST APIs, microservices design
· Experience in network topologies and multi-tier architecture
· Familiarity with load balancing technologies - ILB (Internal Load Balancers), Application Gateway, WAF (Web App Firewall), F5 appliance solutions, etc.
· Familiarity with network security principles (Network Security Groups, Application Security Groups), Private Link Services, Service Endpoint, Service Tags, etc.and Malware
Plusses:
· Communication.
· Problem Solving.
· Problem Analysis.
· Negotiation.
· Accountability.
· Stress management.
· Decision making..
