CardWorks
Position Summary
This VP-level Enterprise Cybersecurity Architect leads the definition and evolution of enterprise-wide security strategy and frameworks for CardWorks and Merrick Bank, a combined mid-size bank and financial services enterprise. By integrating security architecture with business goals, this role implements comprehensive controls across both cloud and on-premise environments without compromising employee productivity or quality of life. CardWorks and Merrick Bank are committed to safeguarding customer data and internal IT assets and maintaining a robust cybersecurity posture. This role is crucial in shaping and maintaining the security architecture of the entire enterprise, including designing, overseeing implementation, and ensuring secure IT systems and processes. The Cybersecurity Architect ensures compliance with industry regulations and best practices. CardWorks/Merrick values innovation, security, and a collaborative work environment.
Essential Functions Cyber Security Strategy & Architecture:
Own the enterprise security architecture framework, continuously evolving it to address new threats.
Design comprehensive security architectures, strategies, policies, and standards to align with business objectives and regulatory requirements (e.g., NIST CSF, GLBA, SOC2, PCI, FFIEC).
Develop and maintain security architecture and supporting documentation.
Identify and communicate emerging security threats to the CISO and other senior business leaders.
Assess latest cybersecurity technologies, trends, and developments. Communicate this to the Office of the CISO for relevance and potential integration.
Work with all technology teams to assist with secure designs, including but not limited to: Network design, Application, cloud, data transfer, pci, secure end user compute, access controls, vendor monitoring, etc.
Security Design & Implementation:
Partner with software development, engineering, and infrastructure teams to integrate security-by-design principles into all phases of solution delivery, including DevSecOps pipelines, cloud, and on-premise network architecture.
Design security patterns and controls to promote enterprise efficiency and transparency, including automation to assist compliance audits and daily security operations.
Evaluate security architecture and control baselines for all technology within the enterprise. Identify design gaps and recommend changes/enhancements.
Leadership & Mentorship:
Provide expert guidance and consultation related to security matters across the organization, particularly for senior Cybersecurity Team members and IT leadership.
Coach and mentor less experienced personnel on cybersecurity principles and implementation, fostering a culture of security best practices.
May lead a small team of architects and/or engineers directly or through a dotted-line relationship.
Prepare and deliver senior management-level presentations to communicate trends, threats, and current security posture.
Partner with Cybersecurity Solutions Architects as they establish baselines for various security controls and infrastructure.
Education And Experience:
Master’s degree in computer science, information security, or related technical field, equivalent certifications, or equivalent work experience.
10+ years of experience in enterprise architecture, cybersecurity architecture, or related leadership roles.
Deep technical security engineering experience with several of the following: network security, IAM, encryption, SIEM, IaaS, PaaS, SaaS, Secure SDLC, DevSecOps, API security, and endpoint protection.
Extensive experience with security frameworks/regulations such as FFIEC, GLBA, PCI-DSS, SOX, SOC2.
Proven experience designing secure, scalable, and resilient cloud-native and hybrid architectures.
Strong technical writing skills.
Relevant certifications (e.g., CISSP, CISM, ISSAP, TOGAF, AWS/Azure Architect) are highly desirable.
Excellent communication and stakeholder engagement skills with the ability to influence both technical and non-technical audiences.
Summary Of Qualifications:
Excellent communication skills to explain complex security and compliance concepts to both technical and non-technical stakeholders.
Detail-oriented, balancing tactical implementation with architectural foresight and continuous improvement.
Strong stakeholder management skills to influence CISOs, VPs of IT, compliance/audit, and business leaders.
Strong technical writing skills.
Scripting or automation skills using Python, PowerShell, Terraform, or Ansible is preferred but not required.
Proactive learner who stays current on evolving financial-sector threats, regulatory changes, and emerging security technologies.
The salary range for this position, if located in NY Metro/NY State is $202,000 to $224,500. However, the range will vary for other geographic areas.
Our Employee Value Proposition:
Competitive Pay, including a Bonus Target or Variable Pay Incentive Program
Benefits Package - Medical, Dental, and Vision (plus much more)
401(k) Plan with Company Match
Short- & Long-Term Disability
Wellness Programs
Group Life and AD&D Insurance
Paid Vacation, Sick Days and bank Holidays
Employee Engagement Activities including Employee Appreciation Day, DEI Employee Resource Groups, Corporate Social Responsibility, Service Recognition
We are an equal opportunity employer and we evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status or any other legally protected characteristic. A thorough background check will be conducted for all hires in compliance with applicable laws.
Other
Seniority level: Executive
Employment type: Full-time
Job function: Other, Information Technology, and Management
Location: Lake Mary, FL
#J-18808-Ljbffr
Essential Functions Cyber Security Strategy & Architecture:
Own the enterprise security architecture framework, continuously evolving it to address new threats.
Design comprehensive security architectures, strategies, policies, and standards to align with business objectives and regulatory requirements (e.g., NIST CSF, GLBA, SOC2, PCI, FFIEC).
Develop and maintain security architecture and supporting documentation.
Identify and communicate emerging security threats to the CISO and other senior business leaders.
Assess latest cybersecurity technologies, trends, and developments. Communicate this to the Office of the CISO for relevance and potential integration.
Work with all technology teams to assist with secure designs, including but not limited to: Network design, Application, cloud, data transfer, pci, secure end user compute, access controls, vendor monitoring, etc.
Security Design & Implementation:
Partner with software development, engineering, and infrastructure teams to integrate security-by-design principles into all phases of solution delivery, including DevSecOps pipelines, cloud, and on-premise network architecture.
Design security patterns and controls to promote enterprise efficiency and transparency, including automation to assist compliance audits and daily security operations.
Evaluate security architecture and control baselines for all technology within the enterprise. Identify design gaps and recommend changes/enhancements.
Leadership & Mentorship:
Provide expert guidance and consultation related to security matters across the organization, particularly for senior Cybersecurity Team members and IT leadership.
Coach and mentor less experienced personnel on cybersecurity principles and implementation, fostering a culture of security best practices.
May lead a small team of architects and/or engineers directly or through a dotted-line relationship.
Prepare and deliver senior management-level presentations to communicate trends, threats, and current security posture.
Partner with Cybersecurity Solutions Architects as they establish baselines for various security controls and infrastructure.
Education And Experience:
Master’s degree in computer science, information security, or related technical field, equivalent certifications, or equivalent work experience.
10+ years of experience in enterprise architecture, cybersecurity architecture, or related leadership roles.
Deep technical security engineering experience with several of the following: network security, IAM, encryption, SIEM, IaaS, PaaS, SaaS, Secure SDLC, DevSecOps, API security, and endpoint protection.
Extensive experience with security frameworks/regulations such as FFIEC, GLBA, PCI-DSS, SOX, SOC2.
Proven experience designing secure, scalable, and resilient cloud-native and hybrid architectures.
Strong technical writing skills.
Relevant certifications (e.g., CISSP, CISM, ISSAP, TOGAF, AWS/Azure Architect) are highly desirable.
Excellent communication and stakeholder engagement skills with the ability to influence both technical and non-technical audiences.
Summary Of Qualifications:
Excellent communication skills to explain complex security and compliance concepts to both technical and non-technical stakeholders.
Detail-oriented, balancing tactical implementation with architectural foresight and continuous improvement.
Strong stakeholder management skills to influence CISOs, VPs of IT, compliance/audit, and business leaders.
Strong technical writing skills.
Scripting or automation skills using Python, PowerShell, Terraform, or Ansible is preferred but not required.
Proactive learner who stays current on evolving financial-sector threats, regulatory changes, and emerging security technologies.
The salary range for this position, if located in NY Metro/NY State is $202,000 to $224,500. However, the range will vary for other geographic areas.
Our Employee Value Proposition:
Competitive Pay, including a Bonus Target or Variable Pay Incentive Program
Benefits Package - Medical, Dental, and Vision (plus much more)
401(k) Plan with Company Match
Short- & Long-Term Disability
Wellness Programs
Group Life and AD&D Insurance
Paid Vacation, Sick Days and bank Holidays
Employee Engagement Activities including Employee Appreciation Day, DEI Employee Resource Groups, Corporate Social Responsibility, Service Recognition
We are an equal opportunity employer and we evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status or any other legally protected characteristic. A thorough background check will be conducted for all hires in compliance with applicable laws.
Other
Seniority level: Executive
Employment type: Full-time
Job function: Other, Information Technology, and Management
Location: Lake Mary, FL
#J-18808-Ljbffr