Enterprise Security is looking for a Lead Architect (Cloud Security) to lead the design and development of security architectures for protecting systems and data deployed into our cloud native and hybrid environments. This includes contributing to the overall Enterprise Cloud architecture strategy and leading the security vision and strategy around IaaS/PaaS/SaaS cloud offerings. The position is responsible for designing our Cloud vision and controls for security and operational best practices, security controls, automated alerting and remediation. Work with application teams to ensure all cloud deployments and resources are aligned with Enterprise Security controls and best practices. The architect will serve as an authoritative point of contact for all matters related to cloud security controls, implementation, and enforcement.
- Leads the design and development of IT cloud security architecture (integrated process, applications, data, and technology) solutions to technology problems in alignment with the enterprise architecture direction and standards.
- Work with application teams and other partners to ensure business requirements are met with minimal risk to the firm.
- Performs technical planning, architecture development, and modification of specifications.
- Develops specifications for new cloud security architectures, including new cloud service providers.
- Assesses the compatibility and integration of cloud products/services to ensure an integrated architecture across interdependent technologies and that security best practices are followed.
Role Summary and Responsibilities
- Understands and advocates architecture principles and articulates value proposition of architecture to technology partners
- Manages and continuously improves the design and implementation of architecture processes and artifacts; provides input into Cloud Security architecture strategy and assists in the development and implementation of the strategy
- Identifies and classifies projects or design designs requiring formal architectural oversight; participates in architecture review boards and advises on design decisions.
- Ensures decisions around security architecture are made and deviations from standards are properly identified, addressed, and communicated. Escalates as necessary.
- Guides peers and less experienced associates in following all aspects of the Enterprise Architecture process from initiation to closure
- Participates in and leads reviews of projects that are in flight. Works closely with technical leads of projects contributing solutions to the project’s most challenging problems with the ability to be hands on.
- Ensures that all individual security architecture artifacts and changes are documented as per process standards and stored in T. Rowe Price’s EA Library to facilitate compliance, organization, and access
- Maintains a wide, active network across the enterprise and knows when to engage/activate it
- Makes decisions that are cognizant of the firm’s broader business and security strategy
- Recommends solutions aligned with Global Technology and business unit strategies
- 8+ years of experience in and expert knowledge of securing public cloud and hybrid environments
- Stays abreast of industry trends and technologies and knows when/how/if to apply them appropriately
- Demonstrated hands on expertise securing public cloud environments (AWS, Azure, GCP)
- Demonstrated strong coding skills in one or more high-level languages such as Python, Golang, or Java
- Knowledge of cloud native security automation technologies (Cloud Custodian, AWS Config, etc.)
- Expert knowledge of cloud native identity and access management (IAM) and encryption key management (KMS)
- Familiarity with infrastructure automation tooling and best practices (Terraform, Packer, Chef, Ansible, SaltStack, etc.)
- Conversant in many technologies and learns new technologies quickly
- Experienced in complex architecture frameworks and models
- Proactively identifies architectural weaknesses and recommends, develops and applies advanced, and at times new/untested, solutions
- Provides a clear and concise explanation of business strategy, technical concepts, designs or implementation to a non-technical audience
- Leads complex and highly visible initiatives across the enterprise
- AWS Certified Solutions Architect Professional (Preferred)
- AWS Certified Security – Specialty (Preferred)