Jobs · Information Technology · Tennessee

Americas Tax Technology Group - Security Architect - Senior Manager

EY · Nashville, TN · 3 wk ago
On-siteInformation Technology$90k–$260k/yrFull-time

About the role

The Information Security Architect role is part of the Architecture and Standards pillar, which designs market-leading solutions and sets standards for ATTG. This role will translate enterprise security policy, regulatory expectations, and client requirements into scalable, enforceable controls embedded within engineering, platform, and operational workflows.

Responsibilities

  • Design and mature information security capabilities across a defined platform or product ecosystem.
  • Translate enterprise policies and security standards into practical control frameworks, design patterns, and implementation guidance.
  • Define target-state security capabilities and drive adoption through repeatable, scalable processes.
  • Establish meaningful metrics to measure control effectiveness, remediation progress, and overall program maturity.
  • Embed security controls into software delivery and cloud engineering workflows, including CI/CD pipelines and pre-deployment validation.
  • Promote automation and integration of security tooling to improve detection, prioritization, and remediation workflows.
  • Lead risk identification, prioritization, and remediation planning for assigned platforms and services.
  • Support internal audits, external assessments, regulatory reviews, and client assurance activities.
  • Maintain documentation, control evidence, and implementation artifacts that are clear, defensible, and audit ready.

Requirements

  • A bachelor's degree (computer science, engineering, accounting, finance preferred) or equivalent work experience.
  • Master's degree preferred
  • 8–12+ years of experience in Information Security, Cloud Security, Security Architecture, or a related field.
  • Approved technical certification is required
  • Demonstrated experience designing and operationalizing enterprise or platform security programs.
  • Strong understanding of cloud security principles, with experience in Azure or comparable cloud environments.
  • Experience working with audit, compliance, or regulatory frameworks in complex enterprise environments.
  • Experience embedding security into DevSecOps and CI/CD pipelines.
  • Familiarity with integrated security tooling across areas such as SAST, DAST, SCA, container security, CNAPP, and workflow or remediation platforms.
  • Experience establishing measurable security outcomes such as vulnerability reduction, SLA performance, backlog trends, and control of health metrics.
  • Background in highly regulated industries or client-facing assurance environments.
  • Experience building closed-loop remediation processes from issue detection through validation and reporting.

Skills and attributes for success

  • Ability to understand and learn tax and technology implications at a high level
  • Excellent organizational and project management skills as well as the ability to multitask on various projects in a fast-paced environment
  • Ability to work and team effectively with clients and high-level leadership personnel as well as influence all team members.

What we offer you

  • We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business.
  • Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 60% of the time over the course of an engagement, project or year.
  • Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.

Similar jobs