Americas Tax Technology Group - Security Architect - Senior Manager
Listed on 2026-06-26
-
IT/Tech
Cybersecurity, Information Security
US - Tax – Americas Tax Technology Group – Security Architect – Senior Manager
Location:
Dallas, Nashville, Chicago, Atlanta
At EY, we’re all in to shape your future with confidence.
We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world.
The opportunityAs a member of the Americas Tax Technology Group (ATTG), you will join a technology organization dedicated to developing and maintaining innovative solutions that support our client-facing Tax professionals. ATTG collaborates closely with Tax to create digital and mobile tools designed to enhance internal operations, as well as advanced capabilities in data-driven management, workflow optimization, analytics, automation, and artificial intelligence to address current challenges and shape future opportunities.
The Information Security Architect role is part of the Architecture and Standards pillar, which designs market-leading solutions and sets standards for ATTG. This role will translate enterprise security policy, regulatory expectations, and client requirements into scalable, enforceable controls embedded within engineering, platform, and operational workflows.
Your key responsibilities- Design and mature information security capabilities across a defined platform or product ecosystem.
- Translate enterprise policies and security standards into practical control frameworks, design patterns, and implementation guidance.
- Define target-state security capabilities and drive adoption through repeatable, scalable processes.
- Establish meaningful metrics to measure control effectiveness, remediation progress, and overall program maturity.
- Embed security controls into software delivery and cloud engineering workflows, including CI/CD pipelines and pre-deployment validation.
- Partner with engineering teams to implement secure‑by‑design practices and preventative controls such as secrets protection, vulnerability gating, and policy enforcement.
- Promote automation and integration of security tooling to improve detection, prioritization, and remediation workflows.
- Lead risk identification, prioritization, and remediation planning for assigned platforms and services.
- Support internal audits, external assessments, regulatory reviews, and client assurance activities.
- Maintain documentation, control evidence, and implementation artifacts that are clear, defensible, and audit ready.
- Oversee implementation of security controls across cloud infrastructure, identity, application, and workload environments.
- Drive continuous monitoring and risk visibility for vulnerabilities, misconfigurations, and control gaps.
- Serve as a key interface across Engineering, Architecture, Risk, Compliance, and Information Security teams.
- Drive alignment on priorities, governance, and remediation strategies across multiple stakeholders.
- A bachelor's degree (computer science, engineering, accounting, finance preferred) or equivalent work experience.
- Master's degree preferred.
- 8–12+ years of experience in Information Security, Cloud Security, Security Architecture, or a related field.
- Approved technical certification is required.
- Demonstrated experience designing and operationalizing enterprise or platform security programs.
- Strong understanding of cloud security principles, with experience in Azure or comparable cloud environments.
- Experience working with audit, compliance, or regulatory frameworks in complex enterprise environments.
- Experience embedding security into Dev Sec Ops and CI/CD pipelines.
- Familiarity with integrated security tooling across areas such as SAST, DAST, SCA, container security, CNAPP, and workflow or remediation platforms.
- Experience establishing measurable security outcomes such as vulnerability reduction, SLA performance, backlog trends, and control of health metrics.
- Background in highly regulated industries or client-facing assurance environments.
- Experience building closed‑loop remediation processes from issue detection through validation and reporting.
- Ability to understand and…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).