Sr Lead Cybersecurity Architect

About The Position

Requirements

• Formal training or certification in software engineering concepts and 5+ years applied experience.
• Expert Threat Modeler with hands-on experience as a threat model practitioner.
• Deep expertise in threat modeling methodologies (e.g., STRIDE-LM, ATT&CK).
• Passion for mentoring and instructing others on threat modeling.
• Hands-on practical experience delivering enterprise level cybersecurity solutions and controls.
• Advanced in one or more programming languages or applications.
• Advanced knowledge of cybersecurity architecture, applications, and technical processes with considerable, in-depth knowledge in one or more technical disciplines (e.g., public cloud, artificial intelligence, machine learning, mobile, etc.).
• Ability to tackle design and functionality problems independently with little to no oversight.
• Practical cloud native experience.
• Ability to evaluate current and emerging technologies to select or recommend the best solutions for the future state architecture.

Nice To Haves

• Experience working with AI models and complex distributed data sets.
• Proficiency in designing and implementing security controls for cloud environments (e.g., AWS, Azure, GCP).
• Hands-on experience with security assessment tools, vulnerability scanning tools, and penetration testing methodologies.
• Experience working in finance or another highly regulated industry.
• Strong understanding of regulatory requirements such as GDPR, HIPAA, PCI-DSS, and SOC 2.
• CISSP, CISM, or other relevant certifications.
• Experience engaging stakeholders across an organization to set strategy, align on priorities and deliver to a roadmap while managing to business needs and requirements.

Responsibilities

• Leads the Threat Modeling Center of Excellence community, driving the strategic vision, development, and implementation of threat modeling practices across the enterprise.
• Collaborates with business, technology, and risk stakeholders to embed threat modeling into the architecture review lifecycle and ensure alignment with organizational security objectives.
• Guides the evaluation of current cybersecurity principals, processes, and controls, and leads the evaluation of new technology using existing standards and frameworks.
• Regularly provides technical guidance and direction to support the business and its technical teams, contractors, and vendors.
• Works with stakeholders and senior leaders to recommend business modifications during periods of vulnerability.
• Serves as function-wide subject matter expert in one or more areas of focus.
• Actively contributes to the engineering community as an advocate of firmwide frameworks, tools, and practices of the Software Development Life Cycle.
• Influences peers and project decision-makers to consider the use and application of leading-edge technologies.
• Adds to team culture of diversity, opportunity, inclusion, and respect.