When you step into SEI – anywhere in the world – you know you’re not inside a traditional financial services company. We have no offices. Our open innovation spaces spur creativity, the provocative artwork inspires conversation, and the flexible work-life balance drives personal and professional growth. We are a place to inspire your work, build your voice, and grow your community. We’re different. And we’re proud of it.
What you’ll do:
- Establish core architecture principles, patterns and decisions for the SEI Azure platform with a focus on scale and governance
- Socialize and foster the adoption of cloud security standards, patterns and polices across the enterprise using repeatable design patterns
- Ensure that all cloud solutions follow security, compliance controls, and conform to SEI Information Security standards.
- Partner with the various product teams and operationalize the security operating model for the SEI Azure landing zone and the business workloads
- Operationalize the delegated security responsibility model where product teams can independently adopt cloud services in a secure fashion with oversight
- Provide security reference code and perform code reviews of the terraform Infrastructure-as-Code modules of the various product teams
- Deploy Azure policies and custom inspection tools to audit and inspect the deployed infrastructure for security and compliance
- Review the Azure Security Center audit findings and define steps for remediation
What you bring to the table:
- BS/BA in Computer Science, Management Information Systems or equivalent work experience
- 3 years of experience in security architecture
- 3 years of cloud networking, infrastructure management concepts and tools including: VPN, Firewalls, Hyper-V, System Center and Storage
- 3 years of hands-on experience with DevOps concepts and strategies
- Experience scripting in PowerShell, Python, Go, Perl or other languages
- Kubernetes & Container security experience a plus
- Security Certifications – CSA CCSK and either ISC2 CCSP or CISSP highly preferred
- Experience with successful IaaS, PaaS, & SaaS cloud architecture solutions for large organizations with proven sustained and secure deployments
- Familiarity with security patterns for azure cloud computing platforms such as:
- App services, Functions (e.g. FaaS), AKS, ML & AI platforms, Storage & Data services
- Experience with identity and access management frameworks like
- AAD, PIM, OAuth, OpenID, SAML
- Experience with one or more security frameworks (e.g. CSA, CIS)
- Practical experience with a major cloud platform preferably Azure.
- Practical experience with continuous integration concepts and tools including but not limited to Azure DevOps, Jenkins and GitHub
- Practical experience with prominent Infrastructure as Code tools like Terraform, Azure Resource Manager (ARM), Ansible, etc.
- Expertise securing MS Teams and O365 deployments a plus
- Expertise with cloud-native development methodologies and security patterns a plus
- Cloud Provider Certification
Attributes we value:
- Ability to adapt to changing priorities and willing to learn and advise on new developments and patterns
- Good analytical and interpersonal skills
- Good verbal and written communication skills
SEI is an Equal Opportunity Employer and so much more…
After 50 years in business, SEI is a leading global provider of investment processing, investment management, and investment operations solutions. Reflecting our experience within financial services and financial technology our Oaks, PA office encompasses an open floor plan and numerous art installations designed to encourage innovation and creativity in our workforce. We recognize that our people are our most valuable asset and that a healthy, happy, and motivated workforce is key to our continued growth. At SEI, we’re (literally) invested in your success. We offer our employees paid parental leave, back-up childcare arrangements, paid volunteer days, education assistance and access to thriving employee networks.
SEI is an equal opportunity / affirmative action employer.