BBVA Compass


Job ID
FLSA Status


Future of Banking


At BBVA, we’re working to make banking better for everyone. That’s where you come in. We’re looking for smart, team-oriented people who want to be part of a first-class workforce that gives people the tools they need to meet their financial goals, all while delivering an outstanding client experience.


Learn more below.


What will you be doing?

Provide technical leadership to deliver enterprise security architecture, engineering, and implementation. This role is action and solution oriented with an emphasis on architecting security solutions that enable BBVA Compass to meet business goals as well as customer and regulatory requirements.


This position is a leadership role for Security Architecture reporting to the Executive Director of Architecture and will ensure we are building secure applications and services based in Cloud and Local premises environment.  Role Scope include all functions for designing, defining, selecting tools and implementation, including the customization of security global solutions to local requirements if needed. Specifically within the areas of:

  • Authentication & Access Control
  • Cryptography & PKI
  • Endpoint  & Network Security
  • Platform & Application security
  • Security in application lifecycle
  • Data Architecture Security


Your primary responsibility will be to manage the Team, as well as performing security assessments, security design, and developing, reviewing, implementing security technologies.

Additionally you will be the Technical contact for supporting the requirement needs within Security aspects for bank projects. This position requests for a commitment to collaborative problem solving, sophisticated design, and product quality as essential features.


Detailed Responsibilities

  • New project ER&CA Assessment Function


Local Security Architect Function will work in the Security Assessment of new local initiatives within BBVAC. This role ensures that in this assessment, all requirements from local ER&CA are evaluated for the new project including (IT Risk, Compliance, Business Continuity, etc)


These specialist areas within ER&CA must provide the appropriate guidelines to make sure their requirements are placed in the Security Assessment. The team doing the assessment of a new project will ask or consult any doubt or concern they may have so the security assessment can be fulfilled.


This assessment will be a part of the document that Solutions Architect will provide as a solution for the project.


Apart from this function, local Security Architecture will follow the pre-established circuits within global ER&CA for managing IT risks.


  • Security Design


Whenever a new project is being analyzed, local security team is responsible for making the Security Design (technical) to address the ER&CA assessment done for that particular project.


This design will be aligned with the global architecture strategy, will address the IT risks not accepted and will be part of the solutions document delivered by Solution Architecture.


  • Security Technologies


Whenever a new Security technology is required (due to a new project or due to Security requirement), Local security architecture will contact Global Security architecture (and Security architecture community) for input and resolution.


If global security architecture decides so, Local Security Architecture will look for a local solution. In this sense, Local Security architecture will be responsible for selecting, implementing and configuring this solution.


  • Security Architecture community


All Local Security Architecture team members will be part of the global Security Architecture community. In this community strategy will be shared and local Security architect team members will share local context information, doubts and requests for new functionality of the security products built at home or new product requirements.


  • Approved Security Technologies


The Security Architecture community will maintain a set of security technologies to address security concerns. Any exception to this list must be solicited by local security architecture and approved by global security architecture teams.


What you will bring:

  • Minimum of seven years of experience in enterprise security architecture including security architecture review, design, implementation, and operations experience
  • Strong expertise in systems (servers, operating systems, virtualization, cloud services, and storage) and networking technologies (communication protocols, infrastructure)
  • Strong leadership, project, and team building skills, including the capability to lead teams and drive projects and initiatives by working effectively with others, demonstrating the ability to work cross-departmentally
  • Team oriented and skilled in working within a collaborative environment; a strong collaborator who shares ideas, builds documentation, and implements best practices
  • Conceptual and analytical thinker; ability to extract, analyze, and document/build complex business and technical requirements/plans/strategies with customers and team members
  • Extensive knowledge of and ability to design secure solutions that will meet various compliance frameworks including NIST, ISO/IEC 27000, PCI, as well as global and regional privacy mandates
  • Bachelor’s in computer science or information security; master’s in information security and CISSP (+ISSAP or ISSEP) preferred


Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Connect With Us!

Not ready to apply? Connect with us for general consideration.