This position exists within the Security Architecture and Project Services team in the CISO organization of LPL. The team is responsible for providing overall leadership across all security architectures across the firm.
As a Cloud Security Architect, you will be responsible for the secure design of various cloud applications within the firm using security design patterns that conform to the firm’s security policies, standards, procedures and guidelines using a risk-based compliance approach. You as a member of the security architecture team, will facilitate the understanding and shaping of the end-to-end cloud security strategy, governance, and architecture across IT projects, architectures, and designs. You will provide key contributions into thoughts and ideas for protecting the overall enterprise security of the firm.
Key responsibilities:
• Facilitate the understanding and shaping of the end-to-end cloud security strategy and architecture
• Enhance or articulate overarching cloud security architecture governance across IT projects, architectures and designs
• Assist in the design decisions proposed by the various design authorities (e.g. project leads and / or project architects) to meet broader organizational security objectives
• Review security design decisions which need to be taken through the development of a target operating model; or because of on-going change initiatives
• Enforce compliance of the firm’s security polices, standards, and procedures as relates to each project
• Evaluate and recommend cloud security technologies and solutions
• Ensure alignment of cloud security technologies used across the firm
• Act as an interface to the Enterprise Architecture team
• Research and stay up to date on emerging threats landscape and security controls
• Explore vendor or in house products to address security gaps
• Promote security awareness and educate people at all levels of the firm
• Identify points of architectural risk in new projects using architectural threat risk assessment and threat modeling techniques
Required:
• 8+ years experience in the field of IT Security
• Previous experience as a cloud security architect with knowledge of various Cloud Service Providers: Amazon WS and Microsoft (Azure)
• Bachelor's degree in Computer Science, Computer Engineering, or Information Systems required
• Experience with architecture frameworks such as SABSA, Zachman, or TOGAF
• Experience with information security governance in an enterprise setting
• Familiarity with cyber security architecture using trusted computing model
• Working knowledge of security services such as encryption, authentication, and intrusion detection and prevention architectures, Identity & Access Management, application security and network security
• Working knowledge of cloud security SaaS offerings, including Salesforce, Office 365, Workday, etc
• Familiarity with ISO 27001, 27002, and 27005; NIST 800-53, NIST 800-145, etc
• Working knowledge of IT management frameworks such as Control Objectives for Information and Related Technology (COBIT) and Information Technology Infrastructure Library (ITIL)
• Experience in using threat modeling techniques such as Microsoft Threat Modeling Process (STRIDE/DREAD), Trike, AS/NZS 4360:2004, CVSS, OCTAVE

Preferred:
• Masters in Computer Science, Computer Engineering, or Information Systems degree
• Prefer at least one of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Information Systems Auditor (CISA), or Certified Information Systems Manager (CISM)
• Prefer certification in architecture frameworks such as TOGAF, SABSA, and/or Zachman
• Experience using SABSA or Zachman in the development of enterprise security architectures