Security Architect

Description Your Role The Security Architect supports the Cybersecurity mission of protecting and securing customer, associate, and shareholder’s most valuable information. This position has responsibilities for communicating information security requirements and reviewing architecture reference models to provide security recommendations for releases, major technology & process changes, and project initiatives. The Security Architect contributes reference documentation on approved architecture patterns and provides consulting services on security matters with technical and functional partners across the business. Helps define information security requirements, builds threat models, and provides thought leadership on cybersecurity risk assessments. Why You Belong Here At Victoria’s Secret & Co, we acknowledge your value. We recognize that every associate has something unique to add to our brand and business. We strive to recruit, retain, and advance diverse talent that reflects the customers we serve and the communities where we live and work. We foster a culture where everyone belongs because we know our business thrives most when we look for, listen to, and amplify diversity, equity, and inclusion. We place the customer at the heart of everything we do. We dream big, embrace curiosity and creativity while always learning from our mistakes. We lead with integrity, trust, and respect to achieve the best outcomes as one team. Your Impact • Information Security Architecture and Design Consulting • Participate in major technology projects to lead Cybersecurity matters for the project. • Review, design, and assess technical architecture and processes to provide documented information security requirements. • Review, design, and assess security of network, platform/OS, database, interface/integration, identity & access management systems. • Provide documented architecture patterns to be used by various technology teams across the business. • Understand regulatory drivers applicable to major technology projects and partner with other Cybersecurity and Legal Privacy team members to ensure compliance is addressed. • Lead security architecture assessments on initiatives involving innovation pilots and proofs of concepts that interface with customers, stores, direct or human resources systems. • Technical resource for the Cybersecurity team to define technical aspects of Cybersecurity regulatory assessment obligations (e.g., HIPPA, GDPR, Enterprise Security Assessment, Vendor Security Assessments, PCI, CCPA). • Review requested exceptions to cybersecurity policy. • Contribute technical content to cybersecurity polices and standards. • Contribute technical content regarding attack paths and provide other thought leadership to support cybersecurity risk assessments. • Maintain project status tracking. Click here for benefit details related to this position.