Security Architect

THE COMPANY

ETRADE is a leading financial services company and a pioneer in the online brokerage industry. Having executed the first-ever electronic trade by an individual investor more than 30 years ago, the company has long been at the forefront of the digital revolution, offering easy-to-use solutions for individual investors and stock participants. Founded on the principle of innovation and determined to level the playing field for individual investors, ETRADE delivers digital platforms, tools, and professional assistance to help investors and traders meet their near-and long-term investing goals. The Company provides these services both online and through its network of customer service representatives and financial consultants - over the phone at two national branches and in-person at 30 ETRADE branches.

RESPONSIBILITIES

The security architect plays an integral role in defining and assessing the organization's security strategy, architecture and practices. The security architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.

The security architect will be responsible for the following activities and functions:

Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers

Develop security strategy plans and roadmaps based on sound enterprise architecture practices

Develop and maintain security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations

Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts

Participate in infrastructure projects to provide security-planning advice

Ensure a complete, accurate and valid inventory of all systems, infrastructure and applications that should be logged by the security information and event management (SIEM) or log management tool

Establish a taxonomy of indicators of compromise (IOCs) and share this detail with other security colleagues, including the security operations center (SOC), information security managers and analysts, as well as counterparts within the network operations center (NOC)

Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable

Validate security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems

Review network segmentation to ensure least privilege for network access

Review security technologies, tools and services, and make recommendations to the broader security team for their use, based on security, financial and operational metrics

Coordinate with operational and facility management teams to assess the security of operational technology (OT) and Internet of Things (IoT) systems

Liaise with other security architects and security

REQUIREMENTS

Education:

Bachelor's or master's degree in computer science, information systems, cybersecurity, or a related field.

Certificates:

CISSP, CISM, CISA, or other industry recognized certificates are highly desired.

Security and Technical Experience:

The security architect should have direct, documented, and verifiable experience with the following:

Experience in using architecture methodologiessuch as SABSA, Zachman and/or TOGAF

Direct, hands-on experience or strong working knowledge of managing security infrastructure - e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology

Direct, hands-on experience or a strong working knowledge of vulnerability management tools

Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services.

Full-stack knowledge of IT infrastructure:

Applications

Databases

Operating systems - Windows, Unix and Linux

Hypervisors

IP networks - WAN and LAN

Storage networks - Fibre Channel, iSCSI and NAS

Backup networks and media

Direct experience designing IAM technologies and services:

Active Directory

Lightweight Directory Access Protocol (LDAP)

Amazon Web Service (AWS) IAM

Strong working knowledge of IT servicemanagement (e.g., ITIL-related disciplines):

Change management

Configuration management

Asset management

Incident management

Problem management

Business Related Skills

To ensure that security-related matters are adequately conveyed, the following business skills are required:

* Strategic planning skills

* Communication skills

* Financial analysis skills

* Project management skills

BENEFITS

We offer a competitive and comprehensive benefits package. Please visit https://etradecareers.com/why-work-at-etrade/employee-benefits to learn more about the opportunities.

E*TRADE Financial is an Equal Opportunity Employer who encourages diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, color, national origin, religion, sex, age, disability, citizenship, marital status, sexual orientation, gender identity, military or protected veteran status, or any other characteristic protected by applicable law.


Meet Some of E*TRADE's Employees

Cicely

Senior Manager, Service Desk

Cicely manages and mentors E*TRADE’s Customer Team in providing excellent service and support to the company’s entire end user community.

Amie

Director, Talent Management

Amie promotes employee experiences within the company by developing a cool culture and providing resources for growth, diversity, inclusion, and continued learning opportunities.


Back to top