Principal Security Architect (API/AI & ML)

Are you a team player? Are you curious to learn? Are you interested in working on meaningful projects? Do you want to work with cutting-edge technology? If so, LPL Financial is the place for you!

Job Overview:

LPL's Information Security team is seeking an exceptional Principal Security Architect to engage on AI & API project efforts in Cloud, On-prem and Data security architectures. As the VP, Principal Security Architect at LPL, you will work side by side with our Development, Operations, Business units, and Enterprise Architecture teams to ensure our environments are secured and monitored. The right person for this role will have a broad technical cloud security background with a focus on security design, detection, prevention, and response to security threats.

Responsibilities:

1. Expertise in cybersecurity frameworks, network security, cloud security, identity management, and encryption, with proficiency in implementing zero-trust architectures and secure DevOps practices across diverse IT environments.
2. Advanced knowledge of threat modeling, risk assessment, and vulnerability management, coupled with experience in SIEM implementation, log analysis, and incident response in complex enterprise settings.
3. Proficiency in securing machine learning models against adversarial attacks, ensuring data privacy in AI training sets, and implementing ethical AI principles in security applications.
4. Experience in developing secure AI/ML pipelines, including model integrity verification, secure feature engineering, and anomaly detection in AI-driven systems.
5. Secure APIs by implementing robust access control mechanisms, OAuth, JWT, and configuring API gateway security to ensure authenticated and authorized access.
6. Ability to develop reusable security design patterns addressing common cybersecurity challenges, ensuring consistency and best practices across diverse technology stacks and business domains.
7. Expertise in crafting clear, actionable security standards and policies, aligning them with industry best practices and regulatory requirements while ensuring adaptability to emerging technologies.
8. Lead the design and innovation of security architectures, integrating advanced technologies to protect against evolving threats while enabling business agility and growth.
9. Collaborate with key stakeholders to align security initiatives with business objectives, ensuring broad support and integration at all levels.
10. Conduct thorough threat analysis using intelligence and analytics to identify and mitigate potential security risks proactively, reducing business impact.
11. Implement and oversee a risk management framework, balancing security investments with business needs to protect assets while supporting growth and innovation.

What are we looking for?

We want strong collaborators who can deliver a world-class client experience. We are looking for people who thrive in a fast-paced environment , are client-focused , team oriented , and are able to execute in a way that encourages creativity and continuous improvement .

Requirements:

1. 3+ years in AI/ML security. Proven record securing ML models and AI pipelines in financial services.
2. Proficient in ML algorithms, deep learning frameworks, AI ethics. Experienced in AI/ML security controls. Expert in OAuth, OpenID Connect, JWT. Proficient in API threat modeling, automated security testing.
3. 3+ years in API security. Proven record designing secure API gateways and microservices architectures.
4. 8+ years of experience working knowledge of information security controls, guidelines, and standards (e.g., ISO27000 series, OWASP, CSA CCM, CIS 20 Critical Security Controls, SOX, and NIST).
5. 8+ years of experience with technical knowledge/coding skills in any of the following: Java, C# .Net, Ruby and/or Python.

Core Competencies:

1. Must be self-driven, yet flexible and highly adept at consulting, negotiating, communicating, consensus building, and presenting.
2. Ability to remain calm under pressure while managing multiple tasks.
3. Demonstrated ability to learn from mistakes and apply constructive feedback to improve performance.

Preferences:

1. Bachelor's Degree or equivalent years of experience.
2. In-depth knowledge of AWS and its core services, including EC2, S3, IAM, VPC, and security-related services like security groups, ACLs AWS Security Hub, AWS WAF, and Amazon GuardDuty.
3. Working knowledge of Terraform, Cloud Formation, Pulumi, and/or Ansible.
4. Solid experience securing scalable web architectures and distributed systems.
5. Solid understanding of malware, emerging threats, attacks, and vulnerability management.
6. CCSP/Other Cloud Specific Certification, CISSP and/or GIAC are a plus.

Pay Range: $149,000.00 - $248,300.00 Actual base salary varies based on factors, including but not limited to, relevant skill, prior experience, education, base salary of internal peers, demonstrated performance, and geographic location. Additionally, LPL Total Rewards package is highly competitive, designed to support your success at work, at home, and at play.

Information on Interviews: LPL will only communicate with a job applicant directly from an @lplfinancial.com email address and will never conduct an interview online or in a chatroom forum. During an interview, LPL will not request any form of payment from the applicant, or information regarding an applicant’s bank or credit card. Should you have any questions regarding the application process, please contact LPL’s Human Resources Solutions Center at (855) 575-6947.