Application Security Architect - REMOTE

At U.S. Bank, we're passionate about helping customers and the communities where we live and work. The fifth-largest bank in the United States, were one of the country's most respected, innovative and successful financial institutions. U.S. Bank is an equal opportunity employer committed to creating a diverse workforce. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, among other factors.

Job Description

U.S. Bank is seeking a Senior Architect to provide enterprise guidance for application security planning and design in multiple cloud environments. The application security architect proactively and holistically leads and supports EA activities that guide the development and management of a portfolio of cloud application security solutions. Solutions include projects, systems (including applications, technologies, processes and information), shared infrastructure services and shared application services.

They understand the concepts of business goals, objectives, outcomes, capabilities, value-streams, and business processes and their importance in solution architecture. The application security architect provides the necessary leadership, analysis and design tasks related to support the development of security solutions to ensure that solutions meet business needs and align with architectural governance and standards. They create deliverables for managing the organization's portfolio of "to be" and "as is" cloud application security capabilities including systems (applications, processes, information and technology), shared infrastructure services, and shared application services and components to enable and drive targeted business outcomes.

Basic Qualifications

• Bachelor's degree or equivalent work experience
• At least 10 years experience with the concepts, philosophies and tools behind the design of applications, information and underlying information technologies.
• At least 10 years experience with developing and implementing applications.

Key Responsibilities

Interpret Business Needs

• Translate business and technical needs into an application security blueprint
• Work closely with product managers and stakeholders to ensure a robust architecture runway that can support future security requirements throughout the product lifecycle
• Understand current and future state security capabilities to determine enterprise security designs and requirements to drive targeted outcomes

Example deliverables: requirements traceability document, business process/capability impact assessment, security operations process diagrams

Assess Security Technologies

• Monitor current state cloud/ container security portfolio to identify deficiencies used by the application and container controls or misalignment with security requirements
• Supports product managers in end-of-life product decisions to maintain, refresh or retire services, or systems, including applications, technologies, and processes
• Understands emerging cloud security trends and disruptions and their practical application to enable new and evolving security operating models

Example deliverables: requirements traceability document, business process/capability impact assessment, security operations process diagrams

Apply Security Technologies

• Manages and develops the application security architecture for a broader scope of projects or products, working closely with application architects that manage and design architecture for a single project or product or initiative
• Develops a roadmap for the evolution of the enterprise application security portfolio from current to future state, as defined by the enterprise architecture
• Provides security consulting support to application architects within agile teams to ensure the project or product is aligned with the overall enterprise architecture

Example deliverables: Application security documentation, enterprise target state security architecture, application/platform security strategy

Provide Enterprise Guidance

• Provides deliverables like standard definitions, security reference models and architecture designs to support architectural governance to assess the impact of new and ongoing technology investment on the business and cloud estate
• Supports a community of practice (CoP), guiding and helping agile teams and product managers to align with the overall enterprise architecture governance and assurance
• Designs and directs the governance activities associated with ensuring security solutions architecture assurance and compliance
• Defines the principles, guidelines, standards, and cloud security patterns to ensure security decisions are aligned with the enterprise's future-state architecture vision

Example deliverables: application security solution scorecard, cloud security reference architecture components, Infrastructure as Code reference architecture

Experience Should Include

• 8+ years planning and designing application security systems, processes, and vendor strategies.
• 5+ of experience in at least two security solution development disciplines, including technical or security infrastructure architecture, network security management, secure application development or secure cloud development.
• Knowledge of various backend development languages like Java, Go and Python
• Knowledge of various database technologies like MySQL, MongoDB and Oracle
• Knowledge of various frontend web development languages like JavaScript, HTML and CSS.
• Knowledge of various aspects of a technology architecture like integration, network and security
• Excellent understanding and knowledge of application development life cycle methodologies (such as waterfall, spiral, agile software development, rapid prototyping, incremental, synchronize and stabilize, and DevOps/ SecDevOps)
• Understanding of IT standards and controls
• Excellent analytical, planning, organizational and technical and skills
• Ability to work with developers and application development teams

Experience:

• Exposure to multiple, diverse security technologies, platforms, and processing environments
• Strong experience and exposure planning and designing cloud security technologies with focus on containers and application security
• Strong command of strategic and emerging security/ cloud technology trends, and the practical application of existing and emerging technologies to new and evolving business and operating models.
• Good understanding of product management, agile principles and development methodologies and capability of supporting agile teams by providing advice and guidance on opportunities, impact, and risks, taking account of technical and architectural debt.
• Experience working closely with senior executives on strategic initiatives.

Experience with implementing and managing enterprise processes knowledge, incident, change, service request and major incident management

Employee Value Proposition (EVP)

Features of the role and the benefits available to those employed at The U.S. Bank. (Common EVP elements include):

• Rewards: Competitive compensation, full employee benefits, paid time off and well-deserved recognition are some of the considerations in our rewards offerings.
• Opportunity: We offer excellent development and career opportunities, future growth, career pathing and personal upskilling
• Organization: The U.S. Bank is recognized in various categories and has won awards for best leadership teams (2019), Best Company Outlook (2019), Best Company Culture (2018), Best Company for Women (2018) enjoying industry desirability, while continuously working to promote environmental, and social responsibility along with diversity and inclusion.
• People: Our teams are empowered to challenge the status quo through a collaborative culture with camaraderie, innovation and supportive leadership
• Work: Our team members are challenged with opportunities to work on innovative and impactful assignments with cutting-edge technology. They enjoy flexible work arrangements to promote work-life balance and psychological safety.

If theres anything we can do to accommodate a disability during any portion of the application or hiring process, please refer to our disability accommodations for applicants () .

Benefits:

Take care of yourself and your family with U.S. Bank employee benefits. We know that healthy employees are happy employees, and we believe that work/life balance should be easy to achieve. That's why we share the cost of benefits and offer a variety of programs, resources and support you need to bring your full self to work and stay present and committed to the people who matter most - your family.

Learn all about U.S. Bank employee benefits, including tuition reimbursement, retirement plans and more, by visiting .

EEO is the Law

Applicants can learn more about the companys status as an equal opportunity employer by viewing the federal EEO is the Law () poster.

E-Verify

U.S. Bank participates in the U.S . click apply for full job details