(Remote) Information Security Enterprise Architect

Apply for this position Please mention DailyRemote when applying
Posted 10 days ago United States Salary undisclosed
Before you apply - make sure the job is legit.

Attempting to apply for jobs might take you off this site to a different website not owned by us. Any consequence as a result for attempting to apply for jobs is strictly at your own risk and we assume no liability.

Job Description


Are you looking to take your career from good to great? As an employee of PenFed, every day is an opportunity to thrive, and be part of a team working to ensure our organization is providing world class service to our members, employees, and our communities. We exist to help our members realize their full potential, educate and encourage their dreams, and make every effort to follow our mission and help our members "do better." Joining PenFed is more than being an employee; it s about being a part of the PenFed family.

PenFed is hiring an Information Security Enterprise Architect at our Tysons, Virginia location. The primary purpose of this job is to provide expert level direction and support in analyzing complex applications, codes, network, management systems, and for planning, designing, evaluating, and selecting cyber security systems and suites. This position will participate in projects that address organization-wide needs, assess options, produce organization-wide designs, deliverables and roadmaps, and review complex project architectural deliverables for credit union-wide impacts.


Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This is not intended to be an all-inclusive list of job duties and the position will perform other duties as assigned.
  • Expert level technical expertise across multiple security domains, including identity and access management, security operations, infrastructure security, data security, threat modeling, pen testing and a focus area in one or more tracks:
    • Application: application security, static and dynamic application testing, secure coding standards, microservices and cloud based API security, cloud based (SAAS - Salesforce, PAAS) application security, OAUTH/SAML
    • Infrastructure: network security (including zero trust networks, AWS IAAS/PAAS, and NGFW), log/event management, automation of security controls, configuration standards, implementing security frameworks (e.g. CIS Critical Security Controls/SANS Top 20) at enterprise level, AWS security architecture and design, AD SSO implementation and design, cryptographic key management
  • Lead large and complex initiatives and solutions (involving multiple departments, new/leading edge technology, integrating several technology types, high visibility and/or risk, resulting in significant organizational change).
  • Develop an architecture component of the enterprise risk assessment to provide the greatest opportunity for new applications and services to comply with established enterprise architecture requirements. Develop and manage a governance process to accept, document and account for necessary exceptions to established standards.
  • Conduct evaluation and comparison of alternative solutions; determines suitability within enterprise roadmaps and business plans; ensures the alignment of solutions with organizational strategies and needs and engages in risk assessment and mitigation.
  • Recommend improvements to existing data, application, and infrastructure architectures in areas of expertise.
  • Must be involved in the development, delivery, maintenance, communication and governance of architectural principles and standards.
  • Collaborate with IT staff , subject matter experts , business partners, clients and senior managers to understand business processes/functions/capabilities ; assess the types of architecture service needed; plan and design solutions and service delivery.
  • Develop and maintain Security Reference Architecture for highly scalable and fault-tolerant applications that adhere to expected standards and discipline from a security posture.
  • Conduct proof of concept activities with key business users in support of advanced use cases.
  • Gain an understanding of Current State and Target State Security Architecture and then working to define a strategy for technical direction around security for on premise and cloud platforms.
  • Gather and analyze requirements/use cases from product owners.
  • Provide technical and architectural oversight for systems and projects that are required to be always on, always secure and always complaint.
  • Work directly with project development teams to enable successful project implementation applying the recommended security tools, technologies and techniques. Provide expertise to project team engineers as needed.
  • Work with the product organization to develop secure business requirements, develop the security architecture and integrate into long term platform strategy.
  • Provide expertise, direction and support on all matters relating to IT security, IT security risk identification and assessments, analysis and integration, and IT security awareness.
  • Leverage technology wherever possible to minimize manual processes.
  • Establish and maintain relationships with senior executives, business unit leaders, partners, affiliates and vendors to ensure IT and cyber security protocols are met.
  • Presents a detailed understanding of emerging threat landscape.
  • Keeps abreast of adversary tactics, techniques and procedures, intelligence reporting and the PenFed IT Security strategy to enable the practical application of intelligence to information security.
  • Stays current with cyber security community to maintain/develop formal and informal sources of information and incorporate industry best practices where applicable.
  • Excellent verbal and written communication skills, such as meeting facilitation, presentation documentation, and interpersonal communications skills.
This role is not responsible for ensuring business continuity.


Equivalent combination of education and experience is considered.
  • Bachelor s in Computer Science related discipline, or equivalent combination of education & experience in information security in a large, highly-regulated enterprise.
  • Minimum of ten (10) years of experience architecting, designing and developing large scale security solutions utilizing a mixture of hardware, software and cloud technologies.
  • Minimum of ten (10) years of hands-on experience in the Information Technology industry, specifically related to security design and development, database design and development, risk management, and system integration.
  • Knowledge of security access control software, equipment and processes required.
  • Experience with Payment Processing, Fraud Technologies and Financial Services systems required.
Supervisory Responsibility
  • This position will not supervise employees.
Licenses and Certifications
  • Technical certifications AWS, Azure and SalesForce preferred.
  • Technical security certifications required CISSP, CRISC, GICSP (with GICSP, MCSE, GIAC preferred)
  • Working knowledge of Data Security Best Practices; At Rest, In Flight and In Use
  • Ability to present technical concepts to non-technical audiences
Work Environment

While performing the duties of this job, the employee is regularly exposed to an indoor office setting with moderate noise.

Most roles require working in an office setting with moderate noise and the ability to lift 25 pounds.


Ability to travel to various worksites.

Special Message Regarding COVID 19

PenFed is continuing to hire and train exceptional individuals to help us serve our 2 million members both here and around the world. In light of the current situation with COVID-19, we have modified our hiring, onboarding, training, and deployment protocols in order to comply with applicable current local and state guidance.

About Us

Established in 1935, PenFed today is one of the country s strongest and most stable financial institutions with over 2 million members and over $26 billion in assets. We serve members in all 50 states and the District of Columbia, as well as in Guam, Puerto Rico and Okinawa. We are federally insured by NCUA and we are an Equal Housing Lender. We are available to members worldwide, via the web, seven days a week, twenty-four hours a day.

We provide our employees with a lucrative benefits package including robust medical, dental and vision plan options, plenty of paid time off, 401k with employer match, on-site fitness facilities at our larger locations, and more.

Equal Employment Opportunity

PenFed management will maintain and observe personnel policies which will not discriminate or permit harassment or retaliation against a person because of race, color, creed, age, sex, gender, gender identity, gender expression, religion, national origin, ancestry, marital status, military or veteran status or obligation, the presence of a physical and/or mental disability or medical condition, genetic information, sexual orientation, and all statuses protected by applicable state or local law in all recruiting, hiring, training, compensation, overtime, position classifications, work assignments, facilities, promotions, transfers, employee treatment, and in all other terms and conditions of employment. PenFed will also prohibit retaliation against individuals for raising a complaint of discrimination or harassment or participating in an investigation of same.
..... click apply for full job details