Staff Cybersecurity Architect – Standards & Process Development

Company: State Street
Location: Quincy, MA, USA
Salary: $130000 – $205000
Type: Full-Time
Degrees
Experience Level: Senior, Expert or higher

Requirements

  • Demonstrated competency in strategic thinking and leadership
  • Demonstrated ability in influencing technical teams
  • Proven project management and organizational skills, specifically managing multiple, concurrent projects
  • Demonstrated knowledge of Governance, Risk, and Compliance (GRC) strategies including NIST, ISO, and CCM
  • Proven experience in security architecture for both applications and infrastructure
  • Experience in security architecture, with a focus on hybrid and multi-cloud solutions
  • Strong technical governance experience developing standards, policies, and controls in large, regulated organizations
  • Knowledge of how to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities
  • Knowledge of computer networking concepts and protocols, and network security methodologies
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk)
  • Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy
  • Knowledge of cybersecurity and privacy principles
  • Strong communicator who is comfortable working cross-functionally, with a track record of delivering results and demonstrating strong ownership

Responsibilities

  • Develop and drive the execution of cybersecurity compliance to architecture by applying frameworks, regulations, and standards to architecture and standards documentation to continuously enhance our security posture
  • Support the creation of and adherence to information security reference architectures by developing reusable patterns for security and mapping standards to policy and compliance
  • Provide expert guidance to cross-functional teams, including architecture, engineering, operations, and compliance, to ensure security considerations are embedded in all stages of project lifecycles
  • Develop and manage security architecture steering committees, working groups, and other governance bodies in partnership with cybersecurity leadership and LoDs to ensure robust management of security practices across the enterprise
  • Conduct comprehensive risk assessments, threat modeling, and vulnerability analysis to identify potential security gaps and develop mitigation strategies
  • Develop, document, and maintain security architecture blueprints, technical standards, guidelines, and related compliance mapping for consistent implementation across projects
  • Work directly with security, legal, compliance, and LoD teams to help drive integration of security and compliance standards and practices across current and future lines of business, evaluate the regulatory environment, and implement changes to architectural standards and processes
  • Develop and maintain partnerships with key business and technology leaders across State Street to persuade, inform & influence security architecture direction across the enterprise
  • Analysis and security architecture for sub and affiliate integration and security architecture governance
  • Mapping technical standards development and alignment across the organization, including our subs & affiliates
  • Prepare functional and specific support plans and prepare and manage correspondence
  • Establish and maintain communication channels with stakeholders
  • Assess policy needs and collaborate with stakeholders to aid in the development of policies to govern cyber activities
  • Analyze organizational cyber policy
  • Assist in the development of policy, programs, and guidelines for implementation

Preferred Qualifications

  • Preference for candidates who have had experience as an information security officer managing business security risks or as a manager leading a security operations function
  • Extensive security experience with significant specific experience integrating security concerns in the governance and compliance contexts at large multinational organizations