Hiring - Security Engineer - NYC NY – Locals ONly - F2F Interview
Bishwa Mahato
Role: Security Engineer
Location: NYC NY – Locals ONly
F2F Interview
Role Overview
The SecDesign Security Architect plays a critical role in assessing and strengthening the security posture of the firm’s technology ecosystem. The mission of the SecDesign team is to conduct deep security architecture assessments across systems, applications, and business processes—identifying risks, evaluat ing controls, and recommending remediation aligned with established security standards and industry best practices.
This role functions as an internal consultant, partnering with multiple business units and technology teams to evaluate a wide range of technology stacks. The Architect also acts as an Integrator, collaborating globally with Technology, Business, Suppliers, Stakeholders, and Partners to perform SecDesign assess ments and guide secure architecture decisions.
Additionally, the Architect will work with a global team of subject matter experts to modernize the firm’s SDLC platform, supporting deployment automation into private/public cloud endpoints and SaaS tooling. This position offers the opportunity to help design and influence next-generation development and deployment practices across the firm.
Key Responsibilities:
Security Architecture Assessments
Lead SecDesign deep-dive sessions with assessment requestors and project stakeholders.
Identify, assess, and prioritize security risks in alignment with business impact.
Deliver clear, actionable security requirements and recommendations across areas including:
Authentication, authorization, and auditing
Application security (session controls, penetration testing findings, input validation)
Secure data storage and transmission
Network security architecture and best practices
Cloud security principles, patterns, and controls
Architecture Governance & Reference Models
Periodically review and update security reference architectures and blueprints.
Participate in Operational Risk and Technology Risk governance forums.
Contribute to the definition of modern architecture patterns across cloud, application, and platform domains.
Technology Enablement
Collaborate with global SMEs to evolve the firm’s SDLC tooling and deployment automation strategy.
Influence next-generation development and deployment platforms across diverse technology stacks.
Identify areas of strategic technology investment that enhance the firm’s security posture.