At Commonwealth Financial Network®, we protect our people, our premises, and systems with the objective of maintaining trust in the services we provide. Our mission is to protect our advisors, people, premises, and systems to build and maintain trust.
Our vision is to be recognized as a leading information security function within the financial sector leader and a trusted partner who delivers indispensable and reliable services to our advisors, customers, and communities. As director of security architecture, you will be a key member of the Information Security team. You will work collaboratively with the Information Security, Business, and IT teams to ensure that solutions and services are designed and adopted effectively. This role is ideal for those who seek a challenge in a growing business by providing indispensable services to user communities and being part of its success.
This is a new role with a new team that has recently transformed to new ways of working. We are looking for an experienced director of security architecture with good information security knowledge and strong leadership skills. This is a great opportunity to help build a high-performing team in the finance industry.
- Delivering value and improving security by reducing security risk across the company
- Assisting information security teams to align standards, frameworks, and security with overall business and technology strategy
- Designing security architecture elements to mitigate threats as they emerge
- Identifying security design gaps in existing and proposed architectures and recommending changes or enhancements
- Supporting the publication and communication of security standards, frameworks, principles, and road maps to be used throughout the security organization to guide technology decisions and leverage opportunities through efficient design
- Developing the enterprise security architecture framework, blueprints, and patterns, as well as setting forth the standards across multiple disciplines
- Educating and guiding product and engineering teams in their vision, security solutions, and design within the information security portfolio
- Identifying, communicating, and maintaining awareness of current and emerging security threats, industry trends, and best practices to promote innovation across various products
- Gathering technical and business requirements, developing road maps, and communicating enterprise security technology strategy using the defined capability model
- Generating and supporting the definition and selection of enterprise security standards, including tools, technology, applications, and processes
- Driving the scoping and implementation of solutions as required
- Ensuring that all security architecture models and implementations can be traced to specific business requirements, policies, and key principles
- Assisting in evaluation and approval of exceptions to the IT enterprise security architecture framework
- Owning and managing how the big picture of system functionality and processes connect and work together within the security model
- Guiding various business and IT information security teams as needed toward a common architecture and engaging stakeholders as advocates of the vision
- Identifying cross-work stream dependencies, as well as coordinating and collaborating with various teams
- Developing and supporting of long-term strategy and technology road map to align with mitigation of risk and capability gaps
- Supporting cross-functional teams to investigate, analyze, and make recommendations to leadership on current strategy or operational issues
- Participating in development of organization cyber scorecards to identify business strengths, weaknesses, and opportunities
- Supporting development and submissions of budgetary and investment plans
- Strong track record of understanding customer needs, creating innovative outcomes to problems, and leading engineering teams to deliver successful products
- English language fluency
- Adept at working with users and groups at all levels to obtain requirements
- Critical thinker with an analytical mind-set and adept at evaluating opportunities to reach goals
- An Agile mindset with experience using Agile frameworks
- Knowledge of network security architecture, platform security architecture, cloud, application and middleware security architecture, and identity access management architecture
- Requirements analysis and strategic planning experience in a multiplatform environment
- Experience designing and implementing security solutions for applications, infrastructure, and networks
- Strong consulting skills, with excellent communication and collaboration skills
- Understanding the best practices, control frameworks, and applicable existing and new legal/regulatory requirements (e.g., SEC S-P Rule, FINRA cybersecurity recommendations, data privacy and breach notification laws, ISO 27001, NIST CSF and SP 800-53, CIS, CSA CCM, and PCI DSS)
Additional skills and knowledge
- Bachelor’s degree in information systems or a related discipline, or equivalent training
- Bachelor’s degree in software engineering, business management, or related disciplines (or relevant experience)
- 2+ years of leading security solution design and security architecture experience, working as a security architect with business stakeholders
- 3+ years of cybersecurity experience
- 6–8 years of progressive experience performing definition and implementation of enterprise solutions using leading software and hardware platforms; experience with backend integration to legacy applications and to cloud computing environments
- Training and certification as a security architect
- CISSP, SABSA, and ISSAP preferred
- At least 1 year of experience in IT delivery projects and system analysis Agile processes
- Experience leveraging design thinking concepts to build digital experiences to meet customer needs
Have we piqued your curiosity? Can you see yourself thriving in this opportunity? Let’s introduce ourselves.
Picture Yourself Here
Imagine keeping company with big thinkers and even bigger doers who share a common purpose to make a profound difference. Figure in an experience-it-to-believe-it culture, massive growth potential, and benefits galore, and you get the full impression.
We are committed to providing a supportive, equitable environment where you can bring your full, authentic self to your work every day and truly thrive in meaningful ways. Where you can be yourself and belong. Where you can build a career and find community.
At Commonwealth, everyone plays a part in our success story—and in building a more diverse and inclusive workplace, we are broadening our perspectives and capabilities. Together, our potential is limitless. Come join us on the pathway to a brighter future!
Commonwealth Financial Network, Member FINRA/SIPC, a Registered Investment Adviser, provides a suite of business solutions that empowers more than 2,000 independent financial advisors nationwide. J.D. Power ranks Commonwealth “#1 in Independent Advisor Satisfaction Among Financial Investment Firms, Seven Times in a Row.” Privately held since 1979, the firm has headquarters in Waltham, Massachusetts, and San Diego, California.
Turning our advisors into raving fans starts by doing the same for our employees. We foster an environment of excellence, growth, rewards, and fun in equal measure, so our employees genuinely enjoy coming to work. Our refreshing workplace culture has earned us 43 Best Place to Work awards—and counting.
The Fine Print
We care about your online safety as a prospective employee and encourage you to exercise caution when responding to job postings online. Commonwealth will never ask potential hiring candidates to pay or transfer funds as a precondition of interviews or employment, nor will we authorize recruiters or agents to do so on our behalf.
Commonwealth is an equal opportunity employer, making intentional efforts to source candidates from all backgrounds.