Cloud Security Architect - Charles River - Vice President
Who we are looking for
Charles River Development is looking for an experienced Cloud Security Architect - Responsible for overall cloud security controls across the organization. Establish frameworks and controls to enhance security posture for the cloud environment. Design frameworks and tools[SEIM] for the security operations teams. Implement policy driven governance framework. Would have additional responsibility of designing and implementation of cloud Identity - design and deploy modern identity solutions such as Azure AD MFA, Azure AD Conditional Access, Azure AD Privileged Identity Management, Azure AD B2B , B2C and Azure AD Application Proxy. Responsibility will also include identifying security policies, network and application security requirements, planning and implementing security controls over Azure infrastructure and implementing Single Sign On using AzAD, Application Proxy, B2C. Why this role is important to us
The team you will be joining is a part of Charles River Development (or CRD), that became a part of State Street in 2018. CRD helps create enterprise investment management software solutions for large institutions in the areas of institutional investment, wealth management and hedge funds. Together we have created first open front-to-back platform - State Street Alpha, that was launched in 2019. What you will be responsible for
As a Cloud Security Architect you will:
What we value
- Lead the Cloud Security Infrastructure Design and Architecture.
- Lead Cloud Security Engineering for a technical domain or initiative, working with multiple scrum teams, engineering managers and architects to deliver a well-architected, principled technology platform.
- Act as an advocate of information security policies, standards, and controls and as an enabler to the business while managing risk appropriately
- Lead initiatives to secure cloud solutions by specifying methodologies; implementation and calibration; preparing preventive, detective, and reactive security measures, and support documentation
- Identifying, communicating, and mitigating security risks in hybrid/multi-cloud deployments
- Producing metrics to measure the efficacy and effectiveness of the responsible areas of security program and reporting regularly
- Work closely with Security team to migrate current SSO framework to Azure AD, supporting different security standards (SAML, OIDC)
Education & Preferred Qualifications
- The ideal candidate should have a strong foundation across Microsoft technology stack and Azure Security offerings and the ability to communicate security concepts to key stakeholders along with experience with the following:
- Identity and Access Management principles, including B2C design and implementation
- Single Sign On framework, including SAML, OIDC, OAuth implementation
- Identity and access control with experience administering B2B and B2C applications as well as a working knowledge of Azure AD
- Strong understanding of Security best practices
- Securing Network and Enterprise Cloud applications
- Azure Security Center, Azure Key Vault, Log Analytics
- Knowledge of auditing, logging and monitoring, network security, security analytics
- Proven implementation of cloud security models, particularly identity and access management
- Good understanding of Microsoft Azure architecture and design
- AZ 103/104 or AZ- 500 certification is a definite plus
About State Street What we do.
- Bachelor's degree in a Technical or Analytical field required, Master's preferred
- 10+ years of overall experience
- 5+ years of experience in Cloud security
- Hands on experience with Identity and Access Management in a global, complex environment with a focus in Federation, Single Sign On (SSO), Multi-Factor authentication (MFA), and Privilege Access Management (PAM)
- Hands-on experience developing and deploying large-scale enterprise IAM solutions
- Expertise in common IAM protocols and standards such as Kerberos, SAML, OAuth, AD, LDAP, and MFA and PAM technologies
- Experience with Directory services, LDAP, SSO, Federation, Delegated administration, API gateways, SOA services
- Experience in Windows Active Directory, Windows, and Linux servers, Relational databases (Oracle, MS Sql, DB2)
- Demonstrated ability to work across a broad range of technologies to deliver complex solutions
- Strong familiarity with security issues surrounding IAM and experience in implementation of security systems and controls.
- Must have a thorough knowledge of information security components, principles, practices, and procedures
- Strong analytical, problem-solving and troubleshooting skills
- Results-oriented, delivery-driven individual requiring minimal guidance
- Demonstrates initiative and the ability to supervise others
- Ability to support multiple projects, shifting priorities, and changing environments/landscapes
- Positive attitude, self-starter with strong analytical, communication and interpersonal skills to lead working groups, negotiate and create consensus
- Ability to succinctly articulate complex technical issues with both technicians and business sponsors
- Experience with IAM solutions on cloud platforms like AWS, Azure, and GCP
State Street is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation we're making our mark on the financial services industry. For more than two centuries, we've been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients. Work, Live and Grow.
We make all efforts to create a great work environment. Our benefits packages are competitive and comprehensive. Details vary in locations, but you may expect generous medical care, insurance and savings plans among other perks. You'll have access to flexible Work Program to help you match your needs. And our wealth of development programs and educational support will help you reach your full potential. Inclusion, Diversity and Social Responsibility.
We truly believe our employees' diverse backgrounds, experiences and perspective are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients. We warmly welcome the candidates of diverse origin, background, ability, age, sexual orientation, gender identity and personality. Another fundamental value at State Street is active engagement with our communities around the world, both as a partner and a leader. You will have tools to help balance your professional and personal life, paid volunteer days, matching gift program and access to employee networks that help you stay connected to what matters to you.
State Street is an equal opportunity and affirmative action employer.
Discover more at StateStreet.com/careers