SUMMARY: The Enterprise Security Architect will play an integral role in assisting in the implementation and delivery of the security strategy and technical direction applied to ensure the Bank's data and applications remain secure. The role will report to the Chief Enterprise Architect and will collaborate with other Enterprise Solution Architects, Implementation Teams, and Enterprise Risk Management teams to ensure that the Bank's technology solutions conform to disciplined, industry best practices for information security. This highly visible position will be front and center as we work to continuously modernize our solutions and change the way we apply technology across our systems. The Security Architect must possess a background in information security that is both deep and wide, applied across a broad range of technologies spanning solutions built in the cloud (such as AWS, Azure, and GCP), on SaaS/PaaS platforms (such as Salesforce and Microsoft 365), and modern deployments on "open" technology stacks. As a key member of the Enterprise Architecture team, the Security Architect should be comfortable driving technical ideas and communicating clearly with technical as well as non-technical audiences.
ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties and special projects may be assigned.
- Assists in the development and maintenance of a security architecture process that enables the Enterprise to implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers.
- Assists in the delivery of security strategy plans and roadmaps based on sound architecture practices.
- Assists in the development and maintenance of security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations.
- Assists in the baselining of security configuration standards for operating systems (e.g., OS hardening), network segmentation and identity and access management (IAM).
- Assists in the development of standards and practices for data encryption and tokenization in the organization, based on the organization's data classification criteria.
- Liaises with the vendor management (VM) team to conduct security assessments of prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data, including:
  - Software as a service (SaaS) providers
  - Cloud/infrastructure as a service (IaaS) providers
  - Managed service providers (MSPs)
- Collaborates with other security architects and security practitioners to share best practices and insights.
- Participates in application and infrastructure projects to provide security-planning, delivery and deployment advice.
- Collaborates with the internal audit (IA) team to review and evaluate the design and operational effectiveness of security-related controls.
- Evaluates IT infrastructure and other reference architectures for security best practices and recommends changes to enhance security and reduce risk, where applicable.
- Coordinates with the CDO and Information Security to document data flows of sensitive information in the organization (e.g., PII or ePHI) and recommends controls to ensure that this data is adequately secured (e.g., encryption and tokenization).
- Reviews security technologies, tools, and services, and makes recommendations to the Enterprise Architecture team for their adoption and use.
- Gathers and analyzes requirements from product owners.
- Fosters development best practices within the team.
- Facilitates communication with cross-functional groups.
- Works with the product organization to develop secure business requirements, implement the security architecture and assist with its integration into the Bank's long-term platform strategy.
- Stays up to date on new tools and techniques in the information security space.
- Conducts proof-of-concept activities with key business users in support of advanced use cases.
- Adheres to and complies with applicable federal and state laws, regulations and guidance, including those related to anti-money laundering (e.g., Bank Secrecy Act, USA PATRIOT Act).
- Adheres to Bank policies and procedures and completes required training.
- Identifies and reports suspicious activity.
EDUCATION
College degree or equivalent management/work experience (at least 10 years), including practical experience in information technology and IT security. A minimum of 4 years' experience with cloud-based enterprise infrastructure architecture and/or operations is required.
EXPERIENCE
- Experience in using architecture methodologies such as SABSA, Zachman and/or TOGAF
- Hands-on experience or strong working knowledge of managing security infrastructure -- e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM, log management and monitoring technologies
- 3+ years' experience with AWS cloud
- 3+ years' experience with cloud security architecture
- 3+ years' experience with data security
- Proficiency with data security tools that identify sensitive data elements and secure them accordingly (through data masking, encryption, general obfuscation, or tokenization) is also a desired skill set; as such, knowledge of tools such as BigID, Delphix, Cyral, etc. would be a plus
- Experience with data loss prevention methodologies/technologies in a cloud environment
- Working knowledge of AWS cloud and 3rd party security controls and constructs
- Experience with SIEM monitoring & logging tools and architectures
- Experience with continuous cloud compliance tools and supporting architectures
- Experience reviewing application code for security vulnerabilities
- Hands-on experience or a strong working knowledge of vulnerability management tools
- Experience designing the deployment of applications and infrastructure into public cloud services
- Exposure to Security & Risks around Artificial Intelligence Technologies
- Direct experience designing IAM technologies and services: Azure Active Directory, Amazon Web Services (AWS) IAM, Azure / Microsoft 365 Cloud
- Experience with the following Regulations, Standards and Frameworks: Payment Card Industry Data Security Standard (PCI-DSS), Sarbanes-Oxley, General Data Protection Regulation (GDPR), Privacy Practices, CSA Framework, NIST Cybersecurity Framework (CSF)
KNOWLEDGE, SKILLS AND ABILITIES
- Knowledge of the AWS Well-Architected Framework
- Knowledge of AWS security solutions
- Strategic planning skills -- must be able to interpret business, technology, and threat drivers, and develop practical security roadmaps to deal with these drivers.
- Communication skills -- will be required to translate complex security-related matters into business terms that are readily understood by colleagues. The security architect should anticipate presenting analyses in person and in written formats.
- Ability to stay composed in the face of opposition to architectural principles, governance and standards.