Security Architect

First National Bank   •  

Omaha, NE

Industry: Finance & Insurance


8 - 10 years

Posted 49 days ago

We're looking for a leader & security champion. The ideal candidate for the Cloud Security Architect role embodies the attributes that define FNTS' culture & values, including but not limited to: trust, honesty, integrity, ownership, self-starter and most important – customer-experience mindset. If you're looking for the unique opportunity to be a technical visionary & SME for the Information Security group, you're in luck. FNTS operates a state-of-the-art SDDC private cloud and offers managed services, public/hybrid cloud services, as well as consulting, digital enablement & transformation, and legacy-niche to customers across the country, spanning several verticals.

The Cloud Security Architect possesses a risk-based, business-aligned security mindset, with knowledge spanning several technologies (or equivalent) such as:

• Computing Environments: Converged & Hyper-Converged

• Network Environments: Traditional, IPv4, IPv6, Microsegmentation, Zero-Trust

• Systems & Virtualization: VMware NSX, vSphere, vCenter, VROPS, etc; Windows 2012, 2016, 2019

• Palo Alto Networks: NGFW, VM-series, Traps, Logging Service, Wild Fire, Threat Prevention, URL Filtering, Panorama, Global Protect, Auto Focus & RedLock

• DUO: MFA, Device Management, Zero-Trust

• Public Cloud: Azure, AWS

• Load Balancers: Citrix, F5

• SOAR: ServiceNow workflows, API-based integrations, etc.

The Cloud Security Architect also possesses the ability to interface with the FNTS Executive Leadership Team, customers of all levels (technical through Executive Leadership), vendors, consultants & peers.The Cloud Security Architect is responsible for design, development, driving & creating roadmaps, maturing security policies, maintenance of re-usable & secure solutions, and functioning as a subject matter expert on services provided to the organization. The Cloud Security Architect leads key adoptions of technical security strategy, standards, design patterns and best practices across all areas of FNTS' current & emerging business & technology cloud & application requirements. As needed, the Cloud Security Architect will assist engineering teams hands-on with implementing, training & development, standard work & processes.

The Cloud Security Architect also builds and maintains strong relationships with multiple business, technical teams, and customers and ensures that the overall security strategy is aligned with both FNTS' strategic objectives and Information Security's strategic objectives. The Cloud Security Architect actively participates as a project team member, Information Security SME, and point of contact on a wide variety of departmental and enterprise-wide projects and initiatives. The Cloud Security Architect maintains a mastery level of expertise in multiple technical domains, performs proof-of-concept engagements, adopts forward-looking & business-aligned technology platforms and expands areas of expertise as the business evolves.

Reporting Structure: The Cloud Security Architect will report to the Chief Information Security Officer leading FNTS Information Security. FNTS Information Security is a department within the First National of Nebraska Information Security group.

Duties & Responsibilities:

• Serves as an information security architecture subject-matter leader, providing advisory and consulting services to major projects and programs specific to the required security stack within FNTS or cloud platforms, and integrated with the FNTS application direction; consults with customers.

• Provide technical direction and leadership to resolve critical design or operational issues that affect development and deployment of new products & services in the enterprise.

• Responsible for handling information security threats directed against FNTS on a 7 x 24 x 365 basis as part of the on-call & incident response program; owns issues through resolution.

• Work alongside key security, technology & business groups to develop leading enterprise cloud & application architecture to ensure the protection of FNTS & client assets and data.

• Engage IT and security leadership, both technical & managerial, for the review and acceptance of security architecture & standards; ensure decisions are made and implemented accordingly & on-time.

• Participate in and execute key architecture processes for the enforcement of security policies, standards & procedures across FNTS' enterprise landscape.

• Oversee and align security controls & objectives based on FNTS' strategic business & technology requirements; maintain knowledge & compliance of all relevant industry regulatory requirements

• Lead architecture discussions & security efforts assisting with the integration and implementation of solutions; solicit and evaluate technical contributions & proposals from vendors as necessary

• Review current state of security architecture & engineering, identify design gaps & recommend appropriate enhancements.

• Understand current & emerging security threats & evolve architecture to mitigate risk as applicable

• Stay abreast on new technologies, standards, and frameworks & integrate them into FNTS' existing enterprise architecture & design where applicable

• Achieve security architecture compliance, including SSAE 18 SOC 2 Type 2, HIPAA, PCI-DSS, FFIEC, GDPR and other applicable laws, regulations, and rules as necessary, as well as industry security best practices (ISO & CSA)

• Serve as informal mentor & advisor to less experienced staff

• Monitor, measure & refine the execution of the security architecture plans against strategic & metrics: KRIs & KPIs

• Performs other related duties incidental to the work described herein


• 8-10 years of relevant experience

• Comprehensive experience designing, implementing, operating & troubleshooting traditional & cloud-based services, including Amazon AWS or Microsoft Azure

• Excellent communication and customer interface/relationship skills, as well as the ability to effectively coordinate and work with other departments

• Experience integrating security capabilities in traditional, cloud & application lifecycle management platforms. Experience operating in a DevOps model is a plus!

• Technical expertise in multiple information security domains.

• Expert understanding of application security architecture and secure development best practices including SecDevOps, Secure SDLC, & integrating secure coding techniques with project teams

• Excellent communication, documentation, & presentation skills; experience presenting & communicating to deeply technical teams, and also to senior management or executives

• Experience or familiarity migrating systems, applications & controls from on-prem to cloud platforms (& vice-versa)

• Ability to make appropriate decisions considering the relative costs and benefits of potential actions

• Strong knowledge of security & architecture principles, frameworks & leading best practices related to multiple concepts including IAM, Operations, Network Security, etc;

• Should have broad knowledge of security policies and practices, including ISO, CSA, PCI-DSS, OCC, FFIEC, HIPAA, GDPR & SOC 2 Type 2

• A Bachelor's degree in computer science, information systems, business management, engineering, a physical science, or other relevant field is desired. Equivalent work experience will be considered as a substitution.

• Regular and predictable attendance is a required function of the job – flexible with schedule

• Ability to work independently with limited supervision; very high degree of initiative & passion

• Ability to recognize and deal appropriately with confidential and sensitive information

• Participate in conferences and meetings; travel as needed (expected 10% or less)

• Accepts ownership and full accountability for areas of responsibility

• Ability to organize and prioritize the workload by handling multiple projects simultaneously while being able to deal with frequent interruptions and a high pressure environment.

• One or more information security certifications highly preferred (ISC2, ISACA, SANS, AWS, Azure, EC-Council, etc.)