Principal Architect, Information Security->> Develops and implements global security architecture solutions using formal risk management methodologies. Develops information security architecture to enforce security requirements and address identified risks. Works with other IT staff to ensure design achieves both business and technical requirements. Evaluates vendor products for security capabilities. Remains current on IT Security/Architecture trends. Contributes to the achievement of multiple teams' objectives
Will provide expert level guidance, assessment and direction in the development and implementation of encryption architectures, services, and solutions for the banks complex, global environment. This role has an emphasis on real-world, practical engineering experience as opposed to academic or research oriented cryptographic background. Potential candidates will understand practical risk tradeoffs of encryption systems design and implementation. Using proof-of-concept test or threat scenarios to evaluate architectural options, such as: use of different protocols, algorithms, key lengths and key management systems; encryption at varying points in the technology stack (ref. the OSI stack); centralized vs. decentralized solutions; and solution match to requirements.
- 8 to 10 years of experience in information security or related technology experience required.
- 8 to 10 years leading implementation teams or hands on implementation of encryption solutions.
- Experience implementing and evaluating data encryption systems for networks, computing platforms, and applications software
- Familiar with implementing centralized key management solutions. Familiar with the following encryption technologies: TLS/SSL, full disk encryption, Hardware Security Modules (HSMs), PKI, DBMS encryption products; application Crypto API use, both wireless and wireline encryption.
- Expert understanding of industry encryption standards (e.g. NIST SP 800-57, ISO/IEC 18033, and FIPS 140-2).
- Thorough understanding of Information Security frameworks and best practices (e.g. ISO, NIST).
- Experience with the following products is a plus: Oracle ASO/TDE, Vormetic data at rest encryption.
- Experience authoring encryption system requirements, standards, policies and procedures.
- Experience leading technical teams and independent decision making.
- Excellent interpersonal/communication, presentation, and technical writing skills.
- Industry certifications such as: CISSP/SSCP, GSEC, or GCIH a plus.
- Experience in the securities or financial services industry a plus
Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred 10-12 years of experience in information security or related technology experience required, experience in the securities or financial services industry is a plus BNY Mellon is an Equal Employment Opportunity/Affirmative Action Employer.
Minorities/Females/Individuals With Disabilities/Protected Veterans. Primary Location:
United States-Pennsylvania-PittsburghInternal Jobcode:
Information Security-HR11724Requisition Number: