Principle Enterprise Security Architect - Director
Company: SMBC Group
Location: Charlotte
Posted on: December 31, 2025
|
|
|
Job Description:
SMBC Group is a top-tier global financial group. Headquartered
in Tokyo and with a 400-year history, SMBC Group offers a diverse
range of financial services, including banking, leasing,
securities, credit cards, and consumer finance. The Group has more
than 130 offices and 80,000 employees worldwide in nearly 40
countries. Sumitomo Mitsui Financial Group, Inc. (SMFG) is the
holding company of SMBC Group, which is one of the three largest
banking groups in Japan. SMFG’s shares trade on the Tokyo, Nagoya,
and New York (NYSE: SMFG) stock exchanges. In the Americas, SMBC
Group has a presence in the US, Canada, Mexico, Brazil, Chile,
Colombia, and Peru. Backed by the capital strength of SMBC Group
and the value of its relationships in Asia, the Group offers a
range of commercial and investment banking services to its
corporate, institutional, and municipal clients. It connects a
diverse client base to local markets and the organization’s
extensive global network. The Group’s operating companies in the
Americas include Sumitomo Mitsui Banking Corp. (SMBC), SMBC Nikko
Securities America, Inc., SMBC Capital Markets, Inc., SMBC
MANUBANK, JRI America, Inc., SMBC Leasing and Finance, Inc., Banco
Sumitomo Mitsui Brasileiro S.A., and Sumitomo Mitsui Finance and
Leasing Co., Ltd. Role Description The Principal Enterprise
Security Architect is a global technical and strategic authority
responsible for shaping, governing, and evolving the Enterprise
Security Architecture (ESA) strategy and roadmaps across the
organization. This role ensures that the enterprise remains secure,
resilient, and future-ready, with particular emphasis on cloud,
AI/agentic systems, regulatory compliance, and innovation.
Operating as a forward-looking strategist and hands-on expert, the
Principal Enterprise Security Architect will drive proactive
planning, anticipate emerging threats, and embed security into
every layer of the enterprise technology stack. They will play a
critical role in future-proofing the enterprise security posture by
integrating cutting-edge security capabilities and ensuring
alignment with global financial services regulatory expectations.
This role will have up to 10% domestic/international travel during
the fiscal year. Role Objectives Define and mature the global
enterprise security architecture strategy, ensuring alignment with
business goals, risk appetite, and regulatory obligations. Develop
and maintain multi-year security roadmaps, integrating emerging
technologies, regulatory shifts, and industry best practices.
Proactively plan for future-state architecture capabilities to
address AI/agentic system security, zero trust, and cloud-native
resilience. Act as a senior advisor to the Head of Enterprise
Security Architecture, CISO, and Technology leaders. Drive
enterprise-wide architectural governance, ensuring consistency
across global regions, platforms, and regulatory jurisdictions.
Champion innovation and future-proofing, continuously evaluating
new technologies. Evaluate cloud-native services and emerging
technologies, recommending secure integration strategies. Define
guardrails, standards, and patterns that ensure scalable and
resilient security strategy. Architect enterprise controls for
AI/ML systems, mitigating risks such as adversarial attacks, data
poisoning, model drift, and prompt injection. Design governance
models for agentic systems (autonomous AI agents) to ensure safety,
accountability, and alignment with regulatory expectations. Embed
AI risk management frameworks (NIST AI RMF, EU AI Act) into
enterprise security strategy. Partner with AI/ML, data science, and
enterprise architecture teams to ensure secure innovation in AI
adoption. Support regulatory reviews and audits, providing
enterprise-level architectural evidence and strategic risk
insights. i.e. NYSDFS, FRB, FFIEC, GDPR, CCPA, etc. Conduct
proactive risk-based architecture reviews for global initiatives,
cloud migrations, digital transformation, and AI deployments.
Represent security architecture in enterprise-wide architecture
boards, steering committees, and governance forums. Collaborate
with enterprise architects, technology strategists, and regional
security teams to ensure global alignment. Mentor and develop
future security architects, raising organizational technical depth
and strategic foresight. Qualifications and Skills Bachelor’s or
Master’s degree in Computer Science, Information Security, or
related field (or equivalent experience). 12 years of progressive
cybersecurity experience, with extensive exposure to enterprise and
cloud security architecture. Demonstrated experience developing and
executing enterprise security strategies and roadmaps in a global,
regulated financial services environment. Proven track record of
leading proactive planning, future-proofing security capabilities,
and driving innovation. Proven expertise across multiple domains
including cloud security (Azure, AWS, GCP), data protection
(KMS/HSM, PKI, tokenization, data masking, data residency), network
architecture, application security, identity & access management,
and zero trust. Application & API Security: DevSecOps integration,
API gateways, container/Kubernetes security. Infrastructure &
Network Security: Segmentation, cloud-native firewalls, IDS/IPS,
VPNs. AI/Agentic Security: Adversarial ML defense, AI pipeline
security, model governance, agentic system controls, NIST AI RMF
alignment. Strong knowledge of enterprise architecture frameworks
(e.g., TOGAF, SABSA, Zachman) and security frameworks (e.g., NIST
CSF, CIS, CRI Profile, CISA, ISO 27001). Deep understanding of
regulatory and compliance obligations in highly regulated
industries (NYDFS 23 NYCRR 500, FFIEC, GDPR, ISO 27001, NIST CSF)
Exceptional communication and influencing skills; able to work with
executives, regulators, and engineers alike. Preferred
certifications include CISSP, CISM, CISA, CRISC, SABSA, TOGAF,
CCSP, AWS/Azure/GCP Security, NIST AI RMF Practitioner, GIAC
Artificial Intelligence Security (AIS), or equivalent emerging
certifications. Additional Requirements SMBC’s employees
participate in a Hybrid workforce model that provides employees
with an opportunity to work from home, as well as, from an SMBC
office. SMBC requires that employees live within a reasonable
commuting distance of their office location. Prospective candidates
will learn more about their specific hybrid work schedule during
their interview process. Hybrid work may not be permitted for
certain roles, including, for example, certain FINRA-registered
roles for which in-office attendance for the entire workweek is
required. SMBC provides reasonable accommodations during candidacy
for applicants with disabilities consistent with applicable
federal, state, and local law.
Keywords: SMBC Group, Greenville , Principle Enterprise Security Architect - Director, IT / Software / Systems , Charlotte, South Carolina
