Apply on Employer Site

SMBC Group · 2 days ago

Principle Enterprise Security Architect - Director

Charlotte, NC

Full-time

Hybrid

Lead/Staff, Director/Executive

$203K/yr - $230K/yr

12+ years exp

SMBC Group is a top-tier global financial group offering a diverse range of financial services. The Principal Enterprise Security Architect will shape and govern the Enterprise Security Architecture strategy, ensuring the organization remains secure and resilient while integrating innovative technologies and ensuring regulatory compliance.

AdviceBankingFinancial Services

H1B Sponsor Likely

Responsibilities

Define and mature the global enterprise security architecture strategy, ensuring alignment with business goals, risk appetite, and regulatory obligations

Develop and maintain multi-year security roadmaps, integrating emerging technologies, regulatory shifts, and industry best practices

Proactively plan for future-state architecture capabilities to address AI/agentic system security, zero trust, and cloud-native resilience

Act as a senior advisor to the Head of Enterprise Security Architecture, CISO, and Technology leaders

Drive enterprise-wide architectural governance, ensuring consistency across global regions, platforms, and regulatory jurisdictions

Champion innovation and future-proofing, continuously evaluating new technologies

Evaluate cloud-native services and emerging technologies, recommending secure integration strategies

Define guardrails, standards, and patterns that ensure scalable and resilient security strategy

Architect enterprise controls for AI/ML systems, mitigating risks such as adversarial attacks, data poisoning, model drift, and prompt injection

Design governance models for agentic systems (autonomous AI agents) to ensure safety, accountability, and alignment with regulatory expectations

Embed AI risk management frameworks (NIST AI RMF, EU AI Act) into enterprise security strategy

Partner with AI/ML, data science, and enterprise architecture teams to ensure secure innovation in AI adoption

Support regulatory reviews and audits, providing enterprise-level architectural evidence and strategic risk insights. i.e. NYSDFS, FRB, FFIEC, GDPR, CCPA, etc

Conduct proactive risk-based architecture reviews for global initiatives, cloud migrations, digital transformation, and AI deployments

Represent security architecture in enterprise-wide architecture boards, steering committees, and governance forums

Collaborate with enterprise architects, technology strategists, and regional security teams to ensure global alignment

Mentor and develop future security architects, raising organizational technical depth and strategic foresight

Qualification

Enterprise Security ArchitectureCloud SecurityCybersecurity StrategyRegulatory ComplianceAI SecurityNetwork ArchitectureApplication SecurityIdentity & Access ManagementSecurity FrameworksCommunication SkillsLeadership SkillsMentoring SkillsCollaboration Skills

Required

Bachelor's or Master's degree in Computer Science, Information Security, or related field (or equivalent experience)

12+ years of progressive cybersecurity experience, with extensive exposure to enterprise and cloud security architecture

Demonstrated experience developing and executing enterprise security strategies and roadmaps in a global, regulated financial services environment

Proven track record of leading proactive planning, future-proofing security capabilities, and driving innovation

Proven expertise across multiple domains including cloud security (Azure, AWS, GCP), data protection (KMS/HSM, PKI, tokenization, data masking, data residency), network architecture, application security, identity & access management, and zero trust

Application & API Security: DevSecOps integration, API gateways, container/Kubernetes security

Infrastructure & Network Security: Segmentation, cloud-native firewalls, IDS/IPS, VPNs

AI/Agentic Security: Adversarial ML defense, AI pipeline security, model governance, agentic system controls, NIST AI RMF alignment

Strong knowledge of enterprise architecture frameworks (e.g., TOGAF, SABSA, Zachman) and security frameworks (e.g., NIST CSF, CIS, CRI Profile, CISA, ISO 27001)

Deep understanding of regulatory and compliance obligations in highly regulated industries (NYDFS 23 NYCRR 500, FFIEC, GDPR, ISO 27001, NIST CSF)

Exceptional communication and influencing skills; able to work with executives, regulators, and engineers alike

Preferred

Preferred certifications include CISSP, CISM, CISA, CRISC, SABSA, TOGAF, CCSP, AWS/Azure/GCP Security, NIST AI RMF Practitioner, GIAC Artificial Intelligence Security (AIS), or equivalent emerging certifications

Benefits

Hybrid workforce model

Reasonable accommodations during candidacy for applicants with disabilities

Company

SMBC Group

Glassdoor3.5

SMBC Group is a top-tier global financial group.

Founded in 1590

New York, New York, USA

10001+ employees

https://www.smbcgroup.com/americas

H1B Sponsorship

SMBC Group has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (160)

2024 (87)

2023 (73)

2022 (44)

2021 (29)

2020 (26)