BloombergNew York 10075
Full Time
||none||Security Architect||Bloomberg|| ||||">

Security Architect

Full Time Bloomberg Philanthropies, 25 E 78th St, New York, NY 10075, United States


Our Team: 

The Engineering Security Architecture team is responsible for information security on all employee-facing systems. We secure the “traditional” enterprise network, but also secure the SaaS applications used by Bloomberg LP. We review designs for internal teams, architect, design, plan and implement technical controls that support the company's security policy and posture. Our success requires continuous collaboration with several other groups across the organization, including the Chief Technology Office, Chief Risk & Compliance Office/CISO, Corporate Technology, Engineering, Legal. We are a small, global team with a significant impact! 
The Role: 
Bloomberg LP’s Security Design and Development team is seeking a self motivated Security Architect to drive automation. This role will require you to evaluate/develop and implement new or existing applications and products with automation.

We’ll trust you to: 

  • Focus on automation, devops, and CI/CD to reduce operational overhead.
  • Provide security for on-premises environments and cloud-based digital platforms and play an integral role in protecting the organization's data. This may involve analyzing existing on-premises or cloud services and architecting new and enhanced security methods. 
  • Collaborate with partner teams to identify and remediate information security vulnerabilities or design flaws.
  • Perform as part of a larger team dedicated to securing on-premise or SaaS/cloud-based solutions and technologies. 
  • Instruct and guide other teams to craft "secure by default" infrastructure; they may also investigate, build, and recommend innovative technologies or other methods that will improve the security of cloud-based and on-premises environments.
  • Demonstrate the ability to innovate, build and advocate improvements in existing deployments and lead new initiatives.

You’ll Need to Have: 

  • 2+ years of proven experience with CI/CD (Infrastructure as Code) developer tools such as GitHub, Jenkins, Ansible, Puppet or Chef. With a deep understanding of one or more general purpose programming/scripting languages including but not limited to: Python, JavaScript, PowerShell, Bash, and working with various API integrations.
  • 2+ years of proven, hands-on experience as a Security Engineer, working with engineering partners to secure endpoints and enterprise infrastructure. Including technical knowledge on operating system security leveraging configuration standards such as CIS, NIST, and DISA..
  • 3+ years of experience working with teams to identify and remediate potential security gaps related to configuration, authentication, authorization, network segmentation, encryption, bastion host setup, etc. Leveraging Active Directory, Group policies, JAMF or desired state configuration.
  • A Degree in Computer Science, Engineering, Mathematics, similar field of study or equivalent work experience