Senior Data Security Architect (Permanent – Hybrid – New York, NY, Stamford, CT, Holmdel, NJ, Bethlehem, PA, or Pittsfield, MA)

Senior Data Security Architect (Permanent – Hybrid – New York, NY, Stamford, CT, Holmdel, NJ, Bethlehem, PA, or Pittsfield, MA)

Glocomms has partnered with a major mutual life insurance company that’s actively seeking a highly experienced and strategic Senior Data Security Architect. This permanent position offers a flexible hybrid work model (3 days per week in-office) and can be based out of Manhattan, NY; Stamford, CT; Holmdel, NJ; Bethlehem, PA; or Pittsfield, MA.

This role is absolutely pivotal in shaping the client’s data security posture, leading the design and implementation of robust data protection frameworks across the entire enterprise. You’ll ensure compliance with complex global regulations and safeguard sensitive information throughout its entire lifecycle. The ideal candidate will bring deep technical expertise in cutting-edge data security technologies, a strong understanding of emerging AI/ML security risks, and the ability to effectively influence executive stakeholders and diverse cross-functional teams.

What You’ll Be Doing: Core Responsibilities in Data Protection Leadership

As a Senior Data Security Architect, you’ll be at the forefront of designing, implementing, and governing the data security landscape for a major financial institution. Your role combines deep technical architecture with strategic leadership, ensuring data is protected at every stage and in every environment.

• Design and Implement Data Protection Strategies: You will lead the effort to design and implement comprehensive data protection strategies that are tightly aligned with critical business objectives and stringent regulatory requirements. This involves understanding the flow of sensitive data across the enterprise and developing holistic solutions that protect it from creation to destruction.
• Develop and Maintain Secure Data Lifecycle Architectures: You’ll be responsible for developing and maintaining robust secure data lifecycle architectures. This includes establishing and enforcing meticulous data classification schemes (identifying data sensitivity levels), defining data retention policies (how long data is kept), and implementing secure data destruction policies (how data is irrevocably deleted). Your work ensures data is protected throughout its entire journey within the organization.
• Lead Data Governance, Privacy, and Audit Readiness Initiatives: You will take a leading role in initiatives concerning data governance, data privacy, and audit readiness. This involves ensuring full compliance with global regulations such as HIPAA (Health Insurance Portability and Accountability Act), CCPA (California Consumer Privacy Act), and other relevant jurisdictional regulations that dictate how sensitive data (especially health and personal financial information) must be handled. Your efforts will prepare the organization for rigorous audits and maintain its trusted reputation.
• Create and Maintain Reference Architectures and Prescriptive Blueprints: You will design and maintain reference architectures and prescriptive blueprints for secure data environments. These artifacts serve as authoritative guides for engineering teams, outlining best practices, recommended technologies, and standardized configurations for deploying secure data solutions across the enterprise, ensuring consistency and adherence to security principles.
• Provide Executive-Level Reporting on Data Security Posture: A critical communication responsibility involves providing executive-level reporting on the organization’s data security posture, identified risks, and implemented mitigation strategies. This requires the ability to distill complex technical and risk information into clear, concise, and impactful reports and presentations tailored for senior leadership, enabling informed strategic decision-making.
• Collaborate to Secure Cloud Data Services: You will work in close collaboration with engineering, data science, and compliance teams to meticulously secure cloud data services. This includes protecting data stored and processed on platforms such as AWS (Amazon Web Services), Databricks (for data analytics and AI), and Snowflake (cloud data warehousing). Your expertise will ensure secure configurations, access controls, and data protection mechanisms within these cloud environments.
• Implement and Manage Data Protection Techniques: You will implement and manage a suite of advanced data protection techniques. This includes ensuring data is protected through encryption (in transit, at rest, and even in use), deploying tokenization (replacing sensitive data with non-sensitive substitutes), implementing data masking (obscuring sensitive data for non-production environments), and utilizing anonymization techniques to protect privacy while allowing for data analysis.
• Oversee Data Loss Prevention (DLP) Programs and Tools: You will have direct oversight of Data Loss Prevention (DLP) programs and tools. This involves strategizing, implementing, and managing DLP solutions to prevent sensitive information from leaving the organization’s control, whether through accidental leakage or malicious exfiltration. You’ll define policies, monitor alerts, and ensure effective incident response related to data exfiltration attempts.
• Evaluate and Integrate Data Governance Platforms: You will actively evaluate and integrate leading data governance platforms such as Collibra, Informatica, and Microsoft Purview. This involves assessing their capabilities for data cataloging, data lineage, data quality, and policy enforcement, and then integrating them into the existing data ecosystem to enhance overall data management and compliance.
• Lead Security Efforts for AI/ML Pipelines: You will take a pioneering role in leading security efforts specifically for AI/ML pipelines. This includes addressing cutting-edge risks such as agentic security (securing autonomous AI agents), implementing robust model governance (ensuring models are fair, unbiased, and transparent), and protecting against emerging threats like adversarial attacks (manipulating AI inputs to cause errors), prompt injection (exploiting LLMs through malicious prompts), data leakage (unintended exposure of training data), and model inversion (reconstructing training data from model outputs). Your work will directly secure the firm’s advanced AI capabilities.
• Partner with Vendors and Stakeholders to Influence Technology Roadmaps: You will strategically partner with external vendors and internal stakeholders (e.g., product teams, engineering leads) to influence technology roadmaps. This ensures that future tools, platforms, and services align with the firm’s data security best practices, emerging threats, and long-term strategic goals, embedding security by design.

Qualifications: Your Foundation for Leadership in Data Security

To excel as a Senior Data Security Architect, you’ll need extensive experience in data security, a deep understanding of cloud and AI security, and strong communication and leadership abilities.

Required Qualifications:

• Extensive Experience in Data Security Architecture: You must possess 8+ years of verifiable experience in data security architecture or closely related roles. This extensive background demonstrates a proven track record of designing, implementing, and managing robust data protection frameworks within complex enterprise environments.
• Proven Expertise in Cryptography, Data Protection, and Cloud Security: You must have proven expertise in cryptography (understanding encryption, hashing, digital signatures, key management), data protection methodologies (e.g., data masking, tokenization, anonymization), and comprehensive cloud security principles and implementations. This multi-faceted expertise is foundational to protecting data in modern, distributed systems.
• Strong Knowledge of AI/ML Security: You are required to have strong knowledge of AI/ML security, including an understanding of the vulnerabilities and risks associated with Generative AI systems and LLM (Large Language Model) pipelines. This also encompasses familiarity with emerging threats like prompt injection, data leakage, and adversarial attacks targeting AI models. Your ability to secure these advanced systems is critical.
• Experience with Secure Data Lakes, MLOps Pipelines, and Cloud-Native Architectures: You must have hands-on experience with secure data lakes (designing and implementing security controls for large-scale data repositories), MLOps pipelines (securing the end-to-end machine learning lifecycle from data ingestion to model deployment), and cloud-native architectures (understanding how security is integrated into cloud-specific services and designs).
• Familiarity with Compliance Frameworks and Legal Considerations: You possess strong familiarity with major compliance frameworks (e.g., GDPR, CCPA, HIPAA, PCI DSS, SOX) and critical legal considerations around data jurisdiction and privacy. This knowledge is essential for designing solutions that meet complex regulatory requirements in a global financial context.
• Excellent Communication Skills for Executive Presentations: You must demonstrate excellent communication skills, both verbal and written, with the specific ability to present complex technical topics and risk analyses clearly and concisely to executive leadership. Your ability to translate security posture into business implications is paramount.
• Demonstrated Ability to Lead Cross-Functional Collaboration: You must have a demonstrated ability to lead cross-functional collaboration across diverse teams (e.g., engineering, legal, compliance, business units) and effectively manage vendor relationships. This highlights your leadership, negotiation, and interpersonal skills in driving collective security outcomes.

Preferred Certifications:

Possession of the following industry-recognized certifications is highly preferred, further validating your expertise:

• CISSP (Certified Information Systems Security Professional): A globally recognized certification for information security professionals.
• CISM (Certified Information Security Manager): Focuses on information security management from a business risk perspective.
• CCSP (Certified Cloud Security Professional): Validates expertise in cloud security architecture and operations.
• CIPP/US (Certified Information Privacy Professional/United States): Demonstrates knowledge of U.S. privacy laws and regulations.
• GIAC Data Protection (GDAT): A specialized certification in data protection and privacy.
• AWS Certified Security – Specialty: Validates expertise in securing data and workloads in AWS.

If this Senior Data Security Architect role, based in New York, Stamford, Holmdel, Bethlehem, or Pittsfield, aligns with your extensive data security architecture experience, your expertise in AI/ML security, and your passion for shaping data protection in a leading financial firm, we encourage you to learn more about this exciting permanent, hybrid opportunity. This is a chance to make a profound impact on global data security.

To take the next step in your career and contribute to vital data protection frameworks, please apply directly! Please note: the client is not able to sponsor a visa now or in the future for this position.