DTG GLOBAL
Enterprise Security Architect
Job Description
A leading financial services company in Atlanta is seeking an experienced Enterprise Security Architect to drive the development and execution of a comprehensive security strategy. This role is critical in ensuring cybersecurity resilience, aligning security initiatives with business objectives, and safeguarding against evolving threats.
Key Responsibilities:
Security Strategy & Roadmap
- Define and implement a long-term security strategy aligned with business goals, IT strategy, and regulatory requirements.
- Develop a multi-year security roadmap, outlining cybersecurity investments, capabilities, and enhancements.
Security Architecture Framework
- Establish a robust enterprise security architecture framework (e.g., SABSA, TOGAF, Zero Trust).
- Develop security reference architectures for network security, cloud security, application security, and endpoint security.
- Implement Zero Trust Architecture (ZTA) principles, enforcing identity-centric security, least privilege access, and continuous verification.
- Conduct cyber risk assessments using methodologies such as NIST Risk Management Framework (RMF), FAIR Model, or ISO 27005.
Security Governance & Compliance
- Develop and enforce security policies, standards, and guidelines to ensure compliance with regulatory frameworks (e.g., ISO 27001, NIST, GDPR, PCI DSS, SOC 2).
- Establish governance structures, such as Security Steering Committees, to oversee cybersecurity programs.
- Ensure audit readiness and facilitate security audits and certifications.
- Embed security principles into Enterprise Architecture (EA) by collaborating with IT, DevOps, and engineering teams.
- Implement secure-by-design principles in cloud, application, and infrastructure development.
- Promote DevSecOps practices to integrate security early in the software development lifecycle (SDLC).
Threat Intelligence & Cyber Resilience
- Develop a proactive Threat Intelligence Program to monitor emerging cyber threats and attack trends.
- Implement a Cyber Resilience Strategy, including business continuity planning (BCP) and disaster recovery (DR).
Security Awareness & Culture
- Foster a security-first culture by developing awareness programs and cybersecurity training for employees, developers, and executive leadership.
- Conduct phishing simulations, secure coding workshops, and executive-level cybersecurity briefings.
Continuous Improvement & Security Metrics
- Define and monitor Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) to assess security effectiveness.
- Leverage security automation and AI-driven analytics to enhance threat detection and incident response.
What We’re Looking For:
- Proven experience as an Enterprise Security Architect, preferably within fintech or financial services.
- Hands-on expertise in designing and implementing security frameworks, architectures, and compliance initiatives.
- Strong understanding of cloud security (AWS, Azure, GCP), network security, and application security.
- Familiarity with risk assessment frameworks and security governance.
- Experience working in small-to-medium-sized enterprises (SMEs) is highly desirable.
- Ability to take ownership of security strategies, drive initiatives from inception, and make key decisions.