Senior Security Architect
Company: New York Public Library
Location: New York
Posted on: April 12, 2025
Job Description:
Senior Security ArchitectApplication Deadline: 13 December
2024Department: Information TechnologyEmployment Type: Full
TimeLocation: Crystal Building 40 W20th StReporting To: Jay
HaqueCompensation: $130,000 - $145,000 / yearDescriptionThis role
requires onsite work in NYC; this is not a remote role.OverviewThe
Senior Security Architect will focus on enhancing the effectiveness
of cybersecurity practices, increasing automation, and integrating
security measures into the development pipeline. This role involves
hands-on oversight of key security tools and processes to ensure
the organization's security posture is continuously improving.This
position will have a wide breadth of access across the
cybersecurity tools ecosystem and will focus on adoption,
automation, and continuous improvements. This includes tools across
the security landscape - vulnerability management, configuration
management, SIEM/Logging, access management, secure application
development practices, SOAR, etc.The role will interface with key
stakeholders across the business including other technology teams
and business department leaders and have significant influence on
the cybersecurity ecosystem and focus on the hands-on execution of
security measures, including implementing, optimizing, automating,
and troubleshooting technical defenses.We are looking for someone
we can count on to:Manage:
- Cybersecurity tools and processes
- Technical systems and capabilities including automation and
distribution
- Relationships with technology partners
- Roadmap of improvements and enhancements
- Relationships across engineering teams (networking, devops,
systems, app dev, etc.)Teach:
- General cybersecurity awareness and business
justifications
- Best practices employed to secure computing environments
- Methods of using available toolsets to improve overall cyber
posture
- Work closely with other departments to ensure understanding of
cybersecurity
- Work with colleagues across the business to ensure clear
expectations are setLearn:
- NYPL's cybersecurity tools
- Automation mechanisms - SOAR, scripting, APIs, etc.
- Understand Library's unique place in providing network access
as a means to accomplish its mission.
- NYPL's business and services to better understand the
organization's risk profile.
- Emerging technologies that simplify security managementImprove:
- Operational efficiency
- General awareness of cybersecurity
- Cohesion amongst toolset
- Security posture management across engineering teamsSome
expectations for this role are that within:1 month, this person
will:
- Understand the organization's risk profile and cybersecurity
tools
- Assess current cybersecurity technical processes and identify
potential areas for improvement
- Begin engaging with key stakeholders across security,
development, and infrastructure teams3 months, this person will:
- Start implementing approved improvements or automation for
routine security tasks; being actively hands-on on these platforms
and systems (Windows, Linux, Networking)
- Enhance integration between security tools for improved
visibility and incident response
- Begin incorporating security testing into the development
pipeline6 months and beyond, this person will:
- Fully integrate security testing suggestions into the
development workflow
- Continue refining automation processes and security practices
across infrastructure
- Propose ongoing improvements based on performance
metricsResponsibilities:
- Oversee the management and optimization of key cybersecurity
tools and processes, including vulnerability and configuration
management, SIEM, secure development practices, and other common
technologies
- Implement automation and process improvements for routine
security tasks to improve operational efficiency
- Integrate security testing and secure development practices
into the CI/CD pipeline for continuous security coverage
- Assess and report on the organization's cybersecurity posture,
recommending improvements based on identified risks
- Collaborate with stakeholders across technology teams and
business units to ensure alignment with cybersecurity
initiatives
- Provide security guidance and training to teams to increase
cybersecurity awareness and best practices
- Stay informed on emerging security technologies and trends to
enhance the cybersecurity ecosystemRequired Education, Experience &
SkillsRequired Education & Certifications
- Bachelor's degree preferred, but not requiredRequired
Experience
- 5+ years administering cybersecurity tools
- Prior experience as a technologist in a role of systems
engineering, network engineering, or application development
- Experience collaborating across IT support groups and business
unitsRequired Skills
- Deep technical expertise within at least one domain of
technology - systems (windows/linux), networks, or application
development.
- Hands-on automation experience using scripting and or specific
cybersecurity tools, etc.
- Strong understanding of cybersecurity concepts and hands-on
experience with tools aligned with the NIST framework, including
vulnerability management, SIEM, vulnerability/patch management, and
endpoint protection
- Proficiency in integrating security testing and secure
development practices into CI/CD pipelines
- Experience automating security processes and workflows to
improve operational efficiency
- Strong analytical skills to assess risks, identify gaps, and
propose security improvements
- Ability to communicate effectively with technical and
non-technical stakeholders to drive security initiatives
- Knowledge of cloud security principles and practices across
modern infrastructure environments
- Familiarity with secure coding standards and application
security practicesManagerial/Supervisory Responsibilities
- N/ACore ValuesAll team members are expected and encouraged to
embody the NYPL Core Values:
- Be Helpful to patrons and colleagues
- Be Resourceful in solving problems
- Be Curious in all aspects of your work
- Be Welcoming and InclusiveWork Environment
- Office settingPhysical Duties
- Lift/move equipment up to 25 lbsPre-Placement Physical
Required?
- NoUnion/Non UnionNon-UnionFLSA StatusExemptSchedule
- Occasionally travel to NYPL sites
- Hybrid 3 - in office / 2 - remotely; as workload permits
- Available on-call after hours and weekends for emergenciesThis
job description represents the types and levels of responsibilities
that will be required of the position and shall not be construed as
a declaration of all of the specific duties and responsibilities
for the role. Job duties may change if Library priorities change.
Employees may be directed to perform job-related tasks other than
those specifically presented in this description as needed.The New
York Public LibrarySalary StatementAt the Library, we believe that
pay transparency and pay equity are important to ensuring we source
the best candidates and keep the best employees. When making a
determination as to the appropriate salary for a candidate, we
consider a variety of factors such, including, but not limited to,
the position requirements, the skills, prior experience, and
educational background required or preferred for the job, the scope
and impact of the role within the organization, internal peer
equity, and the candidate's specific training, experience,
education level, and skills. No single factor is conclusive; the
Library reserves the right to consider any and all relevant factors
and make a decision consistent with its policies.Union Salaries are
determined by collective bargaining agreement(s).
#J-18808-Ljbffr
Keywords: New York Public Library, New York , Senior Security Architect, Professions , New York, New York
Didn't find what you're looking for? Search again!
Loading more jobs...
