Senior Cloud Security Architect

SMBC Group is a top-tier global financial group. Headquartered in Tokyo and with a 400-year history, SMBC Group offers a diverse range of financial services, including banking, leasing, securities, credit cards, and consumer finance. The Group has more than 130 offices and 80,000 employees worldwide in nearly 40 countries. Sumitomo Mitsui Financial Group, Inc. (SMFG) is the holding company of SMBC Group, which is one of the three largest banking groups in Japan. SMFG's shares trade on the Tokyo, Nagoya, and New York (NYSE: SMFG) stock exchanges.

In the Americas, SMBC Group has a presence in the US, Canada, Ireland, Mexico, Brazil, Chile, Colombia, and Peru. Backed by the capital strength of SMBC Group and the value of its relationships in Asia, the Group offers a range of commercial and investment banking services to its corporate, institutional, and municipal clients. It connects a diverse client base to local markets and the organization's extensive global network. The Group's operating companies in the Americas include Sumitomo Mitsui Banking Corp. (SMBC), SMBC Nikko Securities America, Inc., SMBC Capital Markets, Inc., SMBC MANUBANK, JRI America, Inc., SMBC Leasing and Finance, Inc., Banco Sumitomo Mitsui Brasileiro S.A., and Sumitomo Mitsui Finance and Leasing Co., Ltd.

The following is a summary of the role and requirements for the Senior Cloud Security Architect position.

SMBC is seeking a Senior Cloud Security Architect who is interested in building a career at a fast growing and reputable Bank. The Senior Cloud Security Architect will develop and maintain system-specific cyber security policy best suited for business function and regulatory requirements. In addition, you will evaluate network security policy and set configurations for internal networks, external access, routers and firewalls and security certificates. They will be given opportunities to participate in devising and implementing testing plans for security systems, training initiatives, incident response and management plans, monitoring and reporting systems and disaster recovery plans.

This role will report to the Executive Director of Cloud Security Architecture.

• Develop and maintain system-specific cyber security policy best suited for business function and regulatory requirements.
• Evaluate network security policy and set configurations for internal networks, external access, router and firewall configurations, and security certificates. Develop machine security policies, select appropriate anti-virus technologies and determine operational best practices.
• Evaluate all new applications and systems for security requirements and risk, creating allowance lists and policy revisions as needed.
• Devise and implement testing plans for security systems, training initiatives, incident response and management plans, monitoring and reporting systems, and disaster recovery plans.
• Work with business unit leads and compliance teams to set security risk objectives, develop operational policy and guidance, and determine budgets for security systems.
• Partner with IT systems and network infrastructure teams to develop and implement security policy and configurations for corporate devices, connections and data resources.
• Engage with business units and application development teams to ensure third party and internally developed applications conform to security standards and do not create security gaps.
• Collaborate with cyber security analysts to operate testing and training programs, apply policy and install security applications, and provide incident response and tracking to support analysis efforts.

• 7 years of experience highly desired
• Demonstrate comprehensive understanding of various network, data and system security protocols and methodologies.
• Advanced IT security certifications.
• Display knowledge of regulations governing data security, industry and operational best practices, risk mitigation techniques and incident response protocols.
• Possess ability to coordinate policy and system updates, incident response plans, testing and training, and monitoring and reporting efforts across multiple departments and functions.
• Show familiarity with the benefits and risks associated with new technologies and services and encryption protocols.
• Additionally, remain up to date on major vulnerabilities, emerging threats and social engineering efforts.
• Have strong verbal and written communication skills.
• Ability to demonstrate a self-motivated and disciplined approach to learning and working.
• Ability to work in a team environment and demonstrate leadership skills when needed.
• Possess a highly developed sense of personal accountability and follow-through with an ability to effectively prioritize multiple personal tasks, projects, and goals.

SMBC's employees participate in a hybrid workforce model that provides employees with an opportunity to work from home, as well as, from an SMBC office. SMBC requires that employees live within a reasonable commuting distance of their office location. Prospective candidates will learn more about their specific hybrid work schedule during their interview process.

SMBC provides reasonable accommodations during candidacy for applicants with disabilities consistent with applicable federal, state, and local law. If you need a reasonable accommodation during the application process, please let us know at accommodations@smbcgroup.com.