Cloud and Application Security Architect, Director

About The Position

Requirements

• 15+ years of experience in cybersecurity, with 5+ years in cloud and enterprise security architecture.
• Demonstrated success leading security architecture for financial services, banks, or regulated industries.
• Technical expertise in securing GCP, AWS, Kubernetes (GKE/EKS), Azure, cloud networking, and Application Security.
• Strong command of cloud-native technologies and DevSecOps practices.
• Experience with regulatory audits and control frameworks (e.g., NIST 800-53, ISO 27001, PCI DSS, FFIEC CAT).
• Proven leadership in cross-functional teams, architecture review boards, and strategic planning sessions.
• Excellent communication and presentation skills, with the ability to engage both technical and executive audiences.
• Consistently demonstrates clear and concise written and verbal communication
• Management and prioritization skills
• Ability to develop working relationships
• Ability to manage multiple activities and changing priorities, work under pressure to meet tight deadlines
• Self-starter with ability to take the initiative and master new tasks quickly
• Methodical, attention to detail
• Bachelor’s/University degree or equivalent experience, potentially Masters degree

Nice To Haves

• Preferred certifications: Google Cloud Security Engineer, AWS Security Specialty, CISSP, CCSP, CKA/CKS, GCSA.

Responsibilities

• Partner, coach and functionally lead IT, engineering, development and business teams through collaborative design discussions.
• Educate internal and external clients on security risk and best practices.
• Define and lead the security strategy across public cloud (GCP/AWS), private cloud, and on-prem environments with a focus on Zero Trust architecture and regulatory alignment.
• Develop and maintain cloud security reference architectures, playbooks, and control frameworks, tailored to the bank’s technology stack and third-party oversight obligations.
• Architect secure, scalable platforms for containerized banking workloads (e.g., GKE, EKS), VPC and network segmentation, secrets management, and secure compute/storage services.
• Partner with cloud engineering, platform ops, application delivery organization, and enterprise architecture to embed infrastructure security throughout service lifecycles — from ideation through production.
• Integrate security controls into CI/CD pipelines and infrastructure-as-code deployments (Terraform, Helm, CloudFormation), driving secure-by-design principles.
• Ensure compliance with banking regulations including GLBA, SOX, FFIEC, PCI-DSS, NYDFS, and OCC cybersecurity guidelines, integrating security architecture into audit and regulatory programs.

Benefits

• medical, dental & vision coverage
• 401(k)
• life, accident, and disability insurance
• wellness programs
• paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays