×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer Cloud Computing: Infrastructure & Operations

Principal Security Architecture - Digital Solutions

Job in Charlotte, Mecklenburg County, North Carolina, 28245, USA
Listing for: Ally Financial Inc.
Full Time position
Listed on 2026-06-07
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Cloud Computing: Infrastructure & Operations
Salary/Wage Range or Industry Benchmark: 110000 - 180000 USD Yearly USD 110000.00 180000.00 YEAR
Job Description & How to Apply Below
## Principal Security Architecture - Digital Solutions .### General information

Career area

Technology

Work Location(s)601 S. Tryon Street, NCRemote?

No

Ref #22384

Posted Date
06-02-26

Working time

Full time### Ally and Your Career Ally Financial only succeeds when its people do - and that’s more than some cliché people put on job postings. We live this stuff! We see our people as, well, people - with interests, families, friends, dreams, and causes that are all important to them. Our focus is on the health and safety of our teammates as well as work-life balance and diversity and inclusion.

From generous benefits to a variety of employee resource groups, we strive to build paths that encourage employees to stretch themselves professionally. We want to help you grow, develop, and learn new things. You’re constantly evolving, so shouldn’t your opportunities be, too?

Work Schedule:

Ally designates roles as (1) fully on-site, (2) hybrid, or (3) fully remote. Hybrid roles are generally expected to be in the office a certain number of days per week as indicated by your manager. Your hiring manager will discuss this role's specific work requirements with you during the hiring process. All work requirements are subject to change at any time based on leader discretion and/or business need.###

The Opportunity At Ally, you get a startup feel, but experience the benefits of a company that has worked out the kinks and is fulfilling its purpose. We are always evolving and see that as a good thing. From owning our work to seeing its impact in the real world, our team is relentless in finding new ways technology can help make experiences better and help people.

We are problem solvers, we value diverse thinking, we support one another, and we challenge ourselves to think bigger in the journey to deliver customer-obsessed tech solutions. To read more about what our tech team does, be sure to visit our tech blog hLead the security architecture, standards, and governance for customer- and employee-facing digital platforms and enabling services. Ensure solutions are secure by design, compliant with regulatory requirements, and resilient to evolving threats.

Shape the roadmap for foundational security capabilities across the digital portfolio, including secure adoption of GenAI.At this time, Ally will not sponsor a new applicant for employment authorization for this position.### The Work Itself
** Architecture & Governance
*** Lead end-to-end security architecture reviews for digital solutions (web, mobile, APIs, microservices, integrations) and drive risk treatment.
* Maintain reference architectures, secure patterns, and standards across IAM, data, network, cloud, and third-party/SaaS.
* Perform threat modeling and security risk assessments (e.g., OWASP, API abuse, supply chain threats).
* Own and evolve the digital security architecture roadmap aligned to business priorities, regulation, and measurable risk reduction.
* Engineering Enablement.
* Embed security in CI/CD and SDLC (secure coding guidance, security testing, cloud-native guardrails).
* Communicate recommendations clearly to engineers and leadership; influence design decisions and risk acceptance outcomes.
** Core Security Domains
*** IAM: authentication/authorization, federation/SSO, least privilege, service-to-service identity.
* Network: segmentation, ingress/egress controls, API gateway/WAF, DDoS, secure connectivity.
* Data: classification, encryption, tokenization/masking (where applicable), key/secrets management.
* Cloud: AWS/Azure secure baselines and architecture patterns aligned to organizational standards.
* Third-party/SaaS: security due diligence, onboarding/contractual security controls, monitoring, and ongoing assurance.
* Application Security:
Establish integration security standards (API schemas, mTLS/OAuth2/OIDC patterns, token storage/rotation, webhook security, idempotency/replay protections, and rate limiting/abuse detection).
** GenAI Security
*** Define secure GenAI patterns (LLM access controls, prompt/response handling, RAG security, agent/tooling boundaries).
* Threat model GenAI use cases (prompt injection, data leakage, model…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search