Principal Security Architect

Chicago, Illinois;Washington, District of Columbia; Denver, Colorado

**To proceed with your application, you must be at least 18 years of age.**

Acknowledge (https://ghr.wd1.myworkdayjobs.com/Lateral-US/job/Chicago/Principal-Secur...\_26012589-2)

**Bank of America employees are required to meet all** **posting eligibility requirements** **prior to applying for any new position.**

Acknowledge (https://ghr.wd1.myworkdayjobs.com/Lateral-US/job/Chicago/Principal-Secur...\_26012589-2)

Refer a friend

**To proceed with your application, you must be at least 18 years of age.**

Acknowledge (https://ghr.wd1.myworkdayjobs.com/Lateral-US/job/Chicago/Principal-Secur...\_26012589-2)

**Bank of America employees are required to meet all** **posting eligibility requirements** **prior to applying for any new position.**

Acknowledge (https://ghr.wd1.myworkdayjobs.com/Lateral-US/job/Chicago/Principal-Secur...\_26012589-2)

**Job Description:**

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

**Job Description:**

At Bank of America, cybersecurity is foundational to protecting the enterprise and our customers. The Principal Security Architect is a senior technical leader within the Cyber Security Technology (CST) organization and a member of the Cyber Security Product Management team. This role partners across Global Information Security (GIS) to define, design, and deliver scalable security architectures and capabilities that address evolving threats, regulatory expectations, and business priorities.

CST is a globally distributed organization responsible for cybersecurity architecture, engineering, innovation, product and technology strategy, cyber resiliency, access management, data strategy, and security control support. The Principal Security Architect plays a critical role in shaping enterprise security architecture, influencing technology strategy, and driving execution across multiple engineering initiatives.

**Key Responsibilities**

+ Define solution intent and architectural vision in partnership with senior business and technology leaders, ensuring alignment with GIS policy and enterprise standards.

+ Collaborate with senior architects and product managers to develop and execute security roadmaps that deliver on strategic outcomes.

+ Advise senior executives on security risks, technology gaps, and architectural trade-offs; develop secure solutions through domain expertise, experimentation, and proofs of concept.

+ Lead the evolution of enterprise-level security architecture, ensuring designs are secure, resilient, and adaptable to emerging requirements.

+ Partner with governance and control owners to resolve policy issues and strengthen standards and best practices.

+ Mentor and guide other GIS architects, driving consistency, reuse, and adoption of architectural patterns across the cybersecurity organization.

+ Establish and continuously improve architectural practices, templates, and documentation.

+ Work with product managers and senior technology leaders to prioritize security backlog items that enable business epics and features.

+ Contribute across multiple initiatives simultaneously and adapt quickly between priorities.

+ Influence resourcing, budgeting, and funding decisions through architectural input and business case development; may provide people leadership or direction for special initiatives.

**How Success Is Achieved**

+ Promotes collaboration and builds consensus across stakeholders and senior leadership.

+ Applies enterprise policy, best practices, and threat analysis to influence secure outcomes.

+ Diagnoses root causes and solves complex problems in dynamic, high-pressure environments.

+ Provides informed input into financial planning and investment decisions.

+ Demonstrates strong ownership, accountability, and commitment to delivery.

+ Maintains a clear enterprise perspective, aligning individual and team efforts to shared goals.

+ Drives consistent, sustainable processes that deliver predictable, high-quality results.

+ Delivers agreed business value within defined tolerances for scope, schedule, and cost.

**Required** **Qualifications**

+ 10+ years of experience in security architecture, with some people management experience.

+ Broad expertise across information security technologies, processes, and control frameworks.

+ Strong ability to research, evaluate, and recommend emerging technologies and strategies.

+ Demonstrated experience aligning security capabilities with regulatory, legal, and industry frameworks (e.g., NIST CSF).

+ Familiarity with common security bodies of knowledge (e.g., NIST, ISACA, SANS, ISC2).

+ Proven ability to operate effectively in a complex, globally distributed organization.

+ Exceptional communication, stakeholder engagement, and executive influencing skills.

+ Experience working in agile and product-based delivery models, with a track record of successful transformation.

+ Experience evaluating vendors and supporting deployment and integration decisions.

**Skills:**

+ Automation

+ Influence

+ Result Orientation

+ Stakeholder Management

+ Technical Strategy Development

+ Application Development

+ Architecture

+ Business Acumen

+ Risk Management

+ Solution Design

+ Agile Practices

+ Analytical Thinking

+ Collaboration

+ Data Management

+ Solution Delivery Process

**Shift:**

1st shift (United States of America)

**Hours Per Week:**

Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.

View your **"Know your Rights (https://www.eeoc.gov/sites/default/files/2023-06/22-088\_EEOC\_KnowYourRights6.12.pdf) "** poster.

**View the LA County Fair Chance Ordinance (https://dcba.lacounty.gov/wp-content/uploads/2024/08/FCOE-Official-Notic...) .**

Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy (“Policy”) establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank’s required accommodation request process before your first day of work.

This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.