BBVA Compass Security Architect in birmingham, Alabama


At BBVA, we are working to make banking better for everyone. That is where you come in. We are looking for smart, team oriented people who want to be part of a first-class workforce that gives people the tools they need to meet their financial goals, all while delivering an outstanding client experience.

Learn more below.

What will you be doing?

  • You will work as part of the Security Architecture team which is responsible for enterprise security architecture and strategy.

  • We are responsible for reviewing, designing and advising application teams regarding the implementation of security standards into the SDLC.

  • Another primary role will be architecting, designing, and assessing risk and threats to security solutions in a way that enforces security consistently across internally developed and commercial-off-the-shelf applications.

  • The security architecture team also supports the Application Security team in analyzing and providing remediation guidance for vulnerabilities within software applications and systems using a variety of tools and methodologies

  • As a member of security architecture, you will be required to design, architect and advise technical teams and business stakeholders on cloud security strategy for cloud based applications

  • We serve as a hands on subject matter expert in the field of application security with the ability to work with developers, architects, project managers, business analysts and others to identify security requirements for projects and ensure that these requirements are met as part of the SDLC

  • As a part of this team, you will assist with the development of the security architecture program which meets regulatory requirements and aligns with industry security practices.

  • We will regularly perform security design review, threat modeling and architectural/system security assessments to ensure that solutions are being designed in a way that properly measures risk

  • We regularly create advisory and strategy documents, conduct proof-of-concept evaluations, selection advice and recommendations, and determine optimal ways of integrating technology into new and existing processes

  • We must apply and determine the impact of the introduction of new and emerging programming methods, technologies, and industry trends on the security posture of BBVA Compass' enterprise applications and development methodology.

  • We must also contribute to the development and maintenance of the information security strategy, policies and procedures


What you will bring.

  • Working knowledge of common web application security vulnerabilities (OWASP Top Ten, etc.) and programming patterns that lead to them, as well as remediation techniques

  • Experience with REST API security and related technologies

  • Experience with software security testing (static and dynamic analysis)

  • Experience with enterprise applications (architecture, development, and support)

  • Working knowledge of authentication and identity management technologies

  • Working knowledge of cryptography and proper application to real-world situations

  • Professionally recognized certifications in a security-related field, OSCP, GIAC certifications, CISSP or other certifications preferred

  • Deep technical understanding of how cyber-attacks may be carried out and how they can be disrupted

  • Strong experience supporting effective cyber and information security programs

  • Experience in working within information classification and/or data privacy frameworks

  • Ability to work in both agile and waterfall projects and understand the implications of when and how to be engaged in each

  • Ability to understand fundamental differences between cloud technology, specifically IaaS, and on premise solutions

  • Must be a relationship builder and capable of functioning with limited oversight

  • Must have experience in large scale security programs including identity & access management, cloud strategy, and devops and agile methodologies

  • Must manage ambiguity and be able to define clear goals and plans from it

  • Must have strong enterprise business acumen and demonstrate strong listening, communications, alliance-building, negotiation, conflict management and influencing skills

  • Must be able to consider business perspectives in projects and find solutions rather than focus on a black and white solution of yes or no

Job ID 2018-112597