Principal Security Architect

Bank of America•Washington, DC

2d•Onsite

About The Position

At Bank of America, cybersecurity is foundational to protecting the enterprise and our customers. The Principal Security Architect is a senior technical leader within the Cyber Security Technology (CST) organization and a member of the Cyber Security Product Management team. This role partners across Global Information Security (GIS) to define, design, and deliver scalable security architectures and capabilities that address evolving threats, regulatory expectations, and business priorities. CST is a globally distributed organization responsible for cybersecurity architecture, engineering, innovation, product and technology strategy, cyber resiliency, access management, data strategy, and security control support. The Principal Security Architect plays a critical role in shaping enterprise security architecture, influencing technology strategy, and driving execution across multiple engineering initiatives.

Requirements

10+ years of experience in security architecture, with some people management experience.
Broad expertise across information security technologies, processes, and control frameworks.
Strong ability to research, evaluate, and recommend emerging technologies and strategies.
Demonstrated experience aligning security capabilities with regulatory, legal, and industry frameworks (e.g., NIST CSF).
Familiarity with common security bodies of knowledge (e.g., NIST, ISACA, SANS, ISC2).
Proven ability to operate effectively in a complex, globally distributed organization.
Exceptional communication, stakeholder engagement, and executive influencing skills.
Experience working in agile and product-based delivery models, with a track record of successful transformation.
Experience evaluating vendors and supporting deployment and integration decisions.
Skills: Automation Influence Result Orientation Stakeholder Management Technical Strategy Development Application Development Architecture Business Acumen Risk Management Solution Design Agile Practices Analytical Thinking Collaboration Data Management Solution Delivery Process

Responsibilities

Define solution intent and architectural vision in partnership with senior business and technology leaders, ensuring alignment with GIS policy and enterprise standards.
Collaborate with senior architects and product managers to develop and execute security roadmaps that deliver on strategic outcomes.
Advise senior executives on security risks, technology gaps, and architectural trade-offs; develop secure solutions through domain expertise, experimentation, and proofs of concept.
Lead the evolution of enterprise-level security architecture, ensuring designs are secure, resilient, and adaptable to emerging requirements.
Partner with governance and control owners to resolve policy issues and strengthen standards and best practices.
Mentor and guide other GIS architects, driving consistency, reuse, and adoption of architectural patterns across the cybersecurity organization.
Establish and continuously improve architectural practices, templates, and documentation.
Work with product managers and senior technology leaders to prioritize security backlog items that enable business epics and features.
Contribute across multiple initiatives simultaneously and adapt quickly between priorities.
Influence resourcing, budgeting, and funding decisions through architectural input and business case development; may provide people leadership or direction for special initiatives.