Apply on Employer Site

First Horizon Bank · 1 day ago

Principal Security Architect

Memphis, TN

Full-time

Onsite

Lead/Staff

12+ years exp

First Horizon Bank is a leading regional financial services company dedicated to helping clients unlock their full potential. The Principal Security Architect will manage solution design, produce architecture documentation, and align security technology strategy with business goals while mentoring teams and leading security design efforts.

BankingFinanceFinancial ServicesRisk Management

H1B Sponsor Likely

Responsibilities

Manages solution design from conception, through ARB, to delivery

Primarily responsible for producing architecture documentation for security applications as assigned and as projects and programs of work dictate

Maintains First Horizon’s Security Architecture Pattern Inventory (across identity, data, application, network, and cloud) as a member of the Core Enterprise Architecture Team

Leads security design workshops and POC efforts for new (security) capabilities

Validates 3rd Party/Vendor Solutions for security concerns

Aligns Information Security Technology strategy and planning with First Horizon’s business goals and objectives

Promotes the use of a shared infrastructure and application roadmap to reduce costs and improve how assets are secured

Builds and maintains technical trusted advisor relationships with influential technical decision makers within Technology

Works with engineers to ensure that technical solutions as delivered align with Information Security Standards and Policies

Works with Portfolio technology leaders to include IT Risk and Security Exception initiatives in portfolio roadmap

Manage Encryption Standards: key management, tokenization for payments, DLP/classification/handling; architect PCI DSS segmentation boundaries and compensating controls

Manage Network/Zero Trust Standards: microsegmentation across Azure and colocation; secure branch/office connectivity; define workload identity and continuous verification patterns; enforce least privilege

Detection/telemetry: Publish Splunk logging schema, retention, and correlation strategies; onboard logs from Azure, Colo, API Gateways, IAM, CyberArk, MFaaS, and core platforms; drive ATT&CK‑aligned detections and forensic readiness

Secure SDLC and supply chain: Operationalize threat modeling; collaboratively define CI/CD control overlays with DevOps; establish artifact signing/SBOM standards; ensure secrets handling and container/Kubernetes baselines where applicable

Governance and risk: Maintain control overlays mapped to FFIEC/GLBA/PCI/NIST; lead design reviews; manage exceptions with remediation timelines; produce audit-ready decision records in partnership with the CISO team

Payments and third-party/SaaS: Define intake and security requirements for MFaaS, Salesforce, ServiceNow, FIS/Fiserv/Bottomline integrations—identity, logging, data handling, and PCI scoping

Physical security integration: Align building access, video, and visitor systems with identity and logging patterns; coordinate incident playbooks with Corporate/Physical Security

Enablement and influence: Mentor senior architects and engineering associates; lead communities of practice; communicate strategy, benefits, and trade-offs to executives and delivery teams

Qualification

Security ArchitectureAzure Security ArchitectureRegulatory FluencyTechnical DocumentationEnterprise Architecture GovernanceCISSPCompTIA Security+IAM IntegrationIntegration SecurityAgile/SAFe MethodologiesInfluenceEnablementExecutionCommunication SkillsOwnership

Required

Bachelor's degree in Computer Science, Management Information Systems, or related field

(12+) years of Information Security experience

(7+) years of Security Architecture

Experience in regulated financial services

Experience with Azure security architecture across multi-tenant/region and hybrid environments; strong Zero Trust and network segmentation expertise

Regulatory fluency: FFIEC, GLBA, PCI DSS; practical NIST CSF/800-53 mapping; MITRE ATT&CK‑aligned detection design

Experience with technical documentation like interaction diagrams, process diagrams, network topologies and other architectural content

Experience with Agile/SAFe methodologies

Experience with Enterprise Architecture Governance: ARB/design councils, exception handling, and audit narratives; ability to set and harmonize enterprise standards

Preferred

Strongly preferred: CISSP or CompTIA Security+

Microsoft Azure Security Engineer or Azure Solutions Architect Expert

Preferred: CCSP; CISM or CRISC; SANS GCSA or GCLD; PCI Professional (PCIP) or equivalent GIAC enterprise defense/IR certifications

Benefits

Medical with wellness incentives, dental, and vision

HSA with company match

Maternity and parental leave

Tuition reimbursement

Mentor program

401(k) with 6% match

Company

First Horizon Bank

Glassdoor3.6

First Horizon Bank provides personal, business, and corporate banking, and private client services, to families and businesses.

Founded in 1864

Raleigh, North Carolina, USA

5001-10000 employees

https://www.firsthorizon.com/pmc

H1B Sponsorship

First Horizon Bank has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (36)

2024 (31)

2023 (15)

2022 (17)

2021 (19)

2020 (16)