Technology Architect

RolesandResponsibilities:

• Lead the integration of newlyacquiredentities, ensuring the adoption ofBroadridgesecurity standards and processes.
• Develop and nurture collaborative relationships with business and development teams to align securityobjectiveswith business priorities, ensuring mutual benefit and effective prioritization.
• Provide strategic direction and technical guidance to application teams to implement effective security controls and measures.
• Analyze the distributed application architectures of newlyacquiredentities tofacilitatethe implementation of robust security measures during integration into Broadridge environment.
• Identifyand evaluate security vulnerabilities in applications from newly integrated entities, analyze associated risks, and provide guidance on remediation strategies, prioritizing efforts based on alignment with businessobjectives.
• Ensure that security practices and policiescomply withorganizational standards and regulatory requirements.
• Provide technical guidance and support to application teams, ensuring strict adherence to security standards and promoting the seamless integration of security measures and controls throughout the Software Development Life Cycle (SDLC).
• Collaborate closely with stakeholders to ensure the completeness and accuracy of information security exception requests, aligning them with predetermined criteria and established risk tolerance levels.
• Regularly communicate with management and stakeholders, presenting detailed reports and updates on vulnerabilities, ongoing remediation efforts, and the status and trends of exception requests
• Conduct ongoing security research to stay abreast of current security challenges,identifyingnew opportunities for security integration and automation to enhance overall security posture.
• Provide training and awareness on vulnerability risk management practices to technical teams and business stakeholders.

Requirements:

• Bachelor s degree in computer science, Information Security, or a related field. Good to have advanced degree or relevant certifications (e.g., CISSP, CISM).
• Minimum12years ofdemonstratedexpertisein application security, coupled withproficiencyin development.
• Strong understanding of distributed application architecture, including underlying security measures and best practices.
• Strong understanding of application security concepts, vulnerabilities, and attack vectors.
• Robust Information Security technical skills and knowledge toidentify, research, and understand security control gaps and program compliance issues.
• Exceptional ability to communicate security concepts, threats, controls, and mitigation/remediation strategies to diverse audiences, including those unfamiliar with such topics.
• Proventrackrecordin information security vulnerability assessment, remediation, and security governance.
• Familiarity with Security Policies, Procedures, Audit, and Compliance requirements.
• Expert understanding of code syntax and semantics of at least one object-oriented programming language.
• Possess an analytical mindset with the ability to prioritize and assess risks related to vulnerabilities and exception requests.
• Proven ability to work independently, prioritize tasks, and manage multiple projects simultaneously in a fast-paced environment, ensuringtimelyand efficient completion ofobjectives.
• Strong understanding of distributed application architecture, including underlying security measures and best practices.

Soft Skills:

• Excellent communication and interpersonal skills, adept at articulating technical concepts to non-technical stakeholders.
• Capable of effectively collaborating with cross-functional teams and building consensus is essential.
• Commitment to continuous learning and staying updated on industry developments and emerging technologies.

Good to have:

• Knowledge of security frameworks, standards, and benchmarks.
• Familiarity with cloud security concepts, cloud services, and cloud security controls, specifically within the AWS ecosystem.