Chief Security Architect in Windsor, CT at Voya

Date Posted: 9/14/2018

Job Snapshot

  • Employee Type:
  • Location:
    1 Orange Way
    Windsor, CT
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:

Job Description

As part of the application process, a candidate account is required to log in and view application(s).  Please be sure to check email regularly for information regarding our employment process.

About the Role:

The VOYA Financial Cyber security architecture team’s mission is to provide security architecture services for the company including but not limited to a security architecture enterprise framework, security architecture evaluation and associated design patterns and reference architectures needed to securely build system and solutions for various application, data and infrastructure components or services.

The Chief Security Architect, Director/AVP, will be responsible for and serve as the design and architecture authority for all the below mentioned domains with HANDS ON expertise on cloud security and at least two other domains listed herein (Data Security, Security monitoring and response, Application and System Security, Infrastructure Security).  

This position has a lot of growth potential and will provide ample opportunities to grow into other security management and leadership roles within the firm.


  • Cloud Security – will be primarily focused on evaluating current state and providing future state security architecture guidance and reference architecture/patterns for systems, servers and applications in AWS and Azure. Also should be able to architect the implementation of cloud based and/or hosted security infrastructural components (firewalls, WAF, IPS, Proxy etc.) and identity (federation) systems (MFA, SSO etc.). Hands on experience on VPC (virtual private cloud) segmentation (DMZ, public and private VPCs, VPC peering etc.) and design, cloud orchestration, and security patterns highlighting secure consumption of commonly available AWS services (e.g. RDS, S3, SES, Lambda etc.) is required.
  • Data Security – will be primarily focused on evaluating current state and architecting future state data security capabilities that include but not limited to data encryption at rest and in transit for structured and unstructured data, key management, digital rights management, data obfuscation, email security (dmarc), and secure data access and resiliency
  • Security Monitoring and Response – will be primarily focused on evaluating current state and architecting the next generation monitoring and response capabilities for domains including but not limited to – networks, endpoints, servers, databases, systems and cloud. This would include evaluating the current state and selecting next generation monitoring and response tooling for these domains wherever appropriate. Also experience in architecting solutions to detect and prevent fraud by shoring up authentication (MFA), identity proofing, conditional access and risk based transaction analysis is required.
  • Application and System Security – will be primarily responsible for evaluating the current state and developing secure reference architecture and/or patterns for company (in-house or COTS) applications, DevOps (CI/CD) for containerized and virtualized systems and infrastructural components, and application and system patching and hardening.
  • Infrastructure security – will be primarily responsible for evaluating the current state and developing secure architectural reference architecture and/or patterns for shared infrastructure components (PKI, Directory Services, SSO, MFA, NFS etc.), databases and storage systems – both physical and virtualized.
  • Access Management – knowledge and experience in the area of access management would be preferable.
  • Team Management – will manage a team of architects.
  • Risk Framework – will need to ensure that all architecture activities are in alignment with but not limited to guidelines from FINRA, NIST 800-53 and/or FIPS 140-2.
  • Collaboration – will need to collaborate with application, infrastructure and data architects.


  • Bachelor’s degree in information systems technology or computer science is required.  Master’s degree in the same areas is preferred.
  • CISSP security certification and AWS Solution Architect certification is required.
  • OSCP (Offensive Security Certified Professional), CCNA, CCDA, CCIE, CCNP and Series 99 is preferred.
  • 7-10 years’ experience in as a security and/or application architecture with primary focus on application, network or data security.
  • 5 years hands on experience in cloud architecture, primarily in AWS and/or Azure.
  • 3+ years of team management experience.
  • Good technical writing and presentation skills.



Critical Skills
At Voya, we have identified the following critical skills which are key to success in our culture: 

  • Customer Focused: Passionate drive to delight our customers and offer unique solutions that deliver on their expectations.
  • Critical Thinking: Thoughtful process of analyzing data and problem solving data to reach a well-reasoned solution.
  • Team Mentality: Partnering effectively to drive our culture and execute on our common goals. 
  • Business Acumen: Appreciation and understanding of the financial services industry in order to make sound business decisions. 
  • Learning Agility: Openness to new ways of thinking and acquiring new skills to retain a competitive advantage.

Learn more about Critical Skills.