Principal Security Architect – Data Protection and Workplace Security
Listed on 2026-07-02
-
IT/Tech
Cybersecurity, Information Security, Data Security
General Information
# 22592
Remote? No
Ally and Your Career
Ally Financial only succeeds when its people do - and that’s more than some cliché people put on job postings. We live this stuff! We see our people as, well, people - with interests, families, friends, dreams, and causes that are all important to them. Our focus is on the health and safety of our teammates as well as work‑life balance and diversity and inclusion.
From generous benefits to a variety of employee resource groups, we strive to build paths that encourage employees to stretch themselves professionally. We want to help you grow, develop, and learn new things. You’re constantly evolving, so shouldn’t your opportunities be, too?
At Ally, you get a startup feel, but experience the benefits of a company that has worked out the kinks and is fulfilling its purpose. We are always evolving and see that as a good thing. From owning our work to seeing its impact in the real world, our team is relentless in finding new ways technology can help make experiences better and help people.
We are problem solvers, we value diverse thinking, we support one another, and we challenge ourselves to think bigger in the journey to deliver customer‑obsessed tech solutions. To read more about what our tech team does, be sure to visit our tech blog h.
Lead the strategy, design, and governance of enterprise security architecture across data protection and workplace security domains.
This role is accountable for defining the target‑state security architecture and driving execution across critical capabilities, including data security, enterprise data platforms (e.g., Snowflake), email security, and endpoint protection.
Ensure security solutions are aligned with business priorities, enterprise architecture standards, regulatory requirements, and risk management objectives.
This role partners across security engineering, infrastructure, workplace technology, data platform, architecture, risk, and compliance organizations to drive consistent, scalable, and resilient security outcomes protecting enterprise users, devices, communications, and sensitive data while enabling business agility.
At this time, Ally will not sponsor a new applicant for employment authorization for this position.
The Work ItselfKey Responsibilities
- Own and define the strategic roadmap, standards, and target‑state architecture for data protection and workplace security capabilities.
- Provide enterprise‑wide architectural leadership across data security, enterprise data platforms, email security, and endpoint security domains.
- Enforce architecture governance to ensure security requirements are embedded in business and technology initiatives.
- Drive development and adoption of reference architectures, design patterns, and implementation standards across the enterprise.
- Partner with engineering, infrastructure, workplace technology, and data platform leaders to enable secure‑by‑design delivery and lifecycle management of security capabilities.
- Continuously assess security posture, identify systemic control gaps, and lead remediation strategies and capability maturity improvements.
- Serve as a senior subject matter expert for data protection and workplace security technologies, including DLP, data classification, encryption, masking, endpoint protection, EDR/XDR, secure email controls, and device hardening.
- Lead architectural strategy for securing modern data platforms, including Snowflake, data lakes, and data warehouse environments.
- Define enterprise patterns for secure data access, protection, monitoring, and governance across data platforms.
- Oversee vendor strategy, product evaluations, and architectural due diligence to ensure alignment with long‑term security strategy.
- Partner with risk, privacy, legal, compliance, and incident response leadership to ensure control alignment and operational effectiveness.
- Lead and influence threat modeling, architecture review processes, and security risk assessments.
- Ensure alignment with enterprise security policies, regulatory obligations, and industry control frameworks.
- Communicate architecture strategy, roadmaps, and risk posture to executive…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).