Cyber Security (Architecture, Development):

 

• Assess architectural patterns for service account authentication, Privileged Access Management, DevSecOps pipeline, security logging and monitoring, audit logging, and compliance guidance and monitoring.

• Assess against industry security standards such as SAML and OAUTH2

• Responsible for protecting the Bank, customers and employees by mitigating and identifying technology threats.

• Provide expertise for cyber security technical and non-technical solutions; review and provide guidance enabling business system in the cloud while leveraging Platform as a Service (PaaS), Infrastructure as a Service (IaaS) and Software as a Service (SaaS) in a manner that adheres to Santander information security policy and standards.

• Contribute, Review and approve target state deployment topology, High-Level Architecture and Private Link interactions for the Public Cloud Workloads

• Share cloud technology expertise with application architects and provide consultative support to application teams including assessment of connectivity requirements, VNet/VPC, and subnet design and recommendations

• Represent Information Security within a cross functional architecture team

• Participate in the architectural process both waterfall and agile

• Lead the architecture of tools, processes, and software pipelines of Information Security tower within Agile

 

Communication:

• Primary author of project security architecture

• Interface with project managers

• Executive Level Presentations

• Prepare presentations to auditors

 

Experience:

• Designed application authentication and authorization solutions including Single-Sign-On, Multi-Factor Authentication, OAuth, OpenID Connect, Sentinel, Dome9, Qualys, Key Vault and related technologies for workloads moving to the cloud.

• Experience with Scrum, Kanban and SAFE Agile practices and strong aptitude to work in a DevOps culture and environment.

• Full-stack development experience building application software, test automation, and infrastructure as code

• Familiar with cloud automation frameworks (Terraform, Ansible) and cloud provided automation tools (Azure Resource Manager Templates).

• Hands-on work experience working with SOAP and REST APIs, microservices design

• Experience in private network connectivity using Express Routes, Direct Connect, etc.

• Familiarity with load balancing technologies - ILB (Internal Load Balancers), Application Gateway, WAF (Web App Firewall), F5 appliance solutions, etc.

• Familiarity with network security principles (Network Security Groups, Application Security Groups), Private Link Services, Service Endpoint, Service Tags, etc.

• Experience in financial services applications

 

 

Cloud Computing:

• Thorough understanding and experience with AZURE & AWS native controls

• Good knowledge / hands-on experience in the following in AZURE & AWS

• Network Security Groups and Micro-segmentation concepts

• UDR and Load balancers

• VPN Gateways and ExpressRoute connection

• Azure Firewalls

• Service tags and service endpoints

• NAT and PAT concepts

• Automation frameworks (Terraform, Ansible, Chef, Puppet) and automation scripts to support the Azure environment tools (Azure Resource Manager Templates)

• Operation Management Suite (OMS) queries using Kusto query language (KQL)

• Security Events and Incident Management (SEIM)

• Familiarity with OWASP and integrations with static code analysis and dynamic code analysis tools.

 

Qualifications

• Typically requires a University Degree or equivalent experience.

• Minimum 12 years of prior relevant experience including prior management experience.

• Minimum 4 years security architecture experience

• Minimum 3 years of financial services experience

• Advanced Information Security Certification from (ISC)2, ISACA or equivalent (CISSP, CRISC, CCSP, etc.)

 

Most import requirements to manager:

- Security Reference Architecture creation and presentation.

- Full stack developer in a DevOps model worked on APIs, high volume transactions by keeping application security best practices.

- Expert knowledge & experience in data security, network security, infrastructure security and application security.

- 5+ years of SaaS(Software as a Service) application development , 5+ years of security solutioning with a financial institution on SaaS platforms, security architecture,

- Demonstrating solutions delivery, principles and emerging technologies."