Perimeter Security Architect / Charlotte, NC

Leads and/or participates in the design, development, and implementation of complex system engineering activities involving cross-functional technical support, systems programming and data center capabilities. Responsible for components of highly complex engineering and/or analytical tasks and activities. Establishes input/output processes and working parameters for hardware/software compatibility, coordination of subsystems design, and integration of total system. Viewed as a technology subject matter expert; able to provide and communicate complex technology solutions across differing audiences including technical, managerial, business executives, and/or vendors. Will have responsibility for multiple, complex projects; will direct activities of teams related to special initiatives or operations and may have direct reports. Leads the resolution process for complex problems where analysis of situations or data requires an in-depth evaluation of various factors. Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results. Information Technology degree and/or technology certifications preferred or substantial equivalent experience. Typically 7-10 years of IT experience.

Candidates must have a strong background in design/engineering of Security solutions, with polished written and verbal communication skills, and a proven track record interacting with various levels of management, clients and technical team members in delivering technical solutions. The Individual must possess the ability to analyze and understand a variety of existing and emerging business requirements, and be able to interface with multiple engineering teams to deliver solutions that reduce risk, drive out complexity, and deliver best in class firewall/IDS/WAF solutions that align to the Banks overall strategy and goals. This highly dynamic position will require the ability to manage multiple technical project engagements requiring the candidate to be a team player whom can also work independently in managing to multiple deadlines, priorities and diverse set of tools and applications. Recommends the appropriate platforms, systems and infrastructure to support client technology needs

Responsible for engineering design for platforms, systems and infrastructure for security. Works with interdisciplinary teams, including line-of-business staff, business technology teams, operational support teams, and various GT&O organizations in order to execute the design and support the implementation of these projects. As part of the design process, considers aspects such as life-cycle cost, application reliability, data security, facilities availability, technology process, and delivery schedule.


Key Responsibilities:

  • Responsible for designing security solutions to business technology requirements, and according to existing standards.
  • Able to develop technology designs, supervise the implementation of these designs, verify their proper completion, and act as a consultant for any issues encountered over the project lifecycle.
  • Capable of working with line-of-business and business technology staff to understand and meet project requirements.
  • Acts as a trusted partner to provide solutions to their needs.
  • Engages in high severity business impacting production incidents and problem tickets to work through to resolution.
  • Able to adjust designs to meet business-required levels of cost, reliability, and data security. Able to understand, formulate, and communicate complex designs with other technology partners within TI
  • Assists in the training of junior associates
  • Engages program management and product engineering teams for process and application improvement opportunities
  • Reviews system documentation for accuracy and updates as necessary.
  • Provides feedback to product teams as to the catalog of standard products, and business requirements for changes to the catalog.


Professional Competencies:

  • Demonstrates Analytical Ability-must be able to assist in resolution of complex issues during high pressure situations.
  • Able to communicate with a wide range of staff, from technology implementation through to senior management levels.
  • Leverages Technology-must utilize multiple bank tools to communicate to, and monitor performance of implementation teams.
  • Capable of quickly learning new technologies and procedures, as well as being willing to train others in procedures mastered as part of implementations.
  • Possesses end to end knowledge of supported domain business environment.
  • Possesses knowledge of TI technology standards, including full lifecycle of technologies used.


Perimeter Security - Technical Expertise:

Detailed product solution knowledge and hand on experience designing and implementing one or more DMZ and Security functions from each of the following technologies:

  • Firewalls: Checkpoint 61000/41000 Security System, Nokia, Fortinet firewalls, Juniper SRX series and Netscreen,
  • Virtual Firewalls: VMs with multi-hypervisor support [VMWare ESXi/NSX, Citrix SDX, KVM (CentOS/RHEL), Ubuntu, AWS], and NFV firewalls (controller and/or non controller based)
  • IDS/IPS: Tipping Point, Imperva, IBM,..
  • Malware/Cyber Threat Mitigation: FireEye, Cyphort, Vectra, Cloud based,.
  • DDoS Mitigation: Arbor PeakFlow, Prolexic, Premise/Cloud based servicing,
  • Database Activity Monitoring: Imperva SecureSphere, IBM Guardium,..
  • Proxy Services: BlueCoat, F5, A10, Fortinet,
  • System debugging and troubleshooting
  • Detailed designs and configurations
  • Experience with designing and deploying low latency environments
  • Experience designing and deploying DMZ