Principal Application Security Architect

Principal Security Architect

Where ambition meets innovation

Build a career that matches all your initiative with an impressive dose of innovation. From cutting-edge resources and a collaborative environment to the freedom to make an impact and more, you'll find the ingredients you need at LPL Financial to shape your success while helping clients pursue their financial goals.

Job Overview:

LPL's Information Security team is seeking an exceptional Principal Security Architect to engage on API project efforts in Cloud, On-prem and Data security architectures. As the Principal Application Security Architect at LPL, you will work side by side with our Development, Operations, Business units, and Enterprise Architecture teams to ensure our environments are secured and monitored. The right person for this role will have a broad technical cloud security background with a focus on security design, detection, prevention, and response to security threats.

Responsibilities:

• Secure APIs by implementing robust access control mechanisms, OAuth, JWT, and configuring API gateway security to ensure authenticated and authorized access.
• Develop reusable security design patterns addressing common cybersecurity challenges, ensuring consistency and best practices across diverse technology stacks and business domains.
• Craft clear, actionable security standards and policies, aligning them with industry best practices and regulatory requirements while ensuring adaptability to emerging technologies.
• Lead the design and innovation of security architectures, integrating advanced technologies to protect against evolving threats while enabling business agility and growth.
• Collaborate with key stakeholders to align security initiatives with business objectives, ensuring broad support and integration at all levels.
• Expertise in cybersecurity frameworks, network security, cloud security, identity management, and encryption, with proficiency in implementing zero-trust architectures and secure DevOps practices across diverse IT environments.
• Threat modeling, risk assessment, and vulnerability management, coupled with experience in SIEM implementation, log analysis, and incident response in complex enterprise settings.
• Conduct thorough threat analysis using intelligence and analytics to identify and mitigate potential security risks proactively, reducing business impact.
• Implement and oversee a risk management framework, balancing security investments with business needs to protect assets while supporting growth and innovation.
• Securing machine learning models against adversarial attacks, ensuring data privacy in AI training sets, and implementing ethical AI principles in security applications.
• Develop secure AI/ML pipelines, including model integrity verification, secure feature engineering, and anomaly detection in AI-driven systems.

What are we looking for?

We want strong collaborators who can deliver a world-class client experience. We are looking for people who thrive in a fast-paced environment, are client-focused, team oriented, and are able to execute in a way that encourages creativity and continuous improvement.

Requirements:

• 3+ years of security architecture and API security, designing secure API gateways and microservices architectures
• 8+ years of experience with information security controls, guidelines, and standards (e.g., ISO27000 series, OWASP, CSA CCM, CIS 20 Critical Security Controls, SOX, and NIST).

Core Competencies:

• Must be self-driven, yet flexible and highly adept at consulting, negotiating, communicating, consensus building, and presenting.
• Ability to remain calm under pressure while managing multiple tasks.
• Demonstrated ability to learn from mistakes and apply constructive feedback to improve performance.

Preferences:

• Bachelor's Degree or equivalent years of experience
• Technical knowledge/coding skills in any of the following: Java, C#.Net, Ruby and/or Python
• In-depth knowledge of AWS and its core services, including EC2, S3, IAM, VPC, and security-related services like security groups, ACLs AWS Security Hub, AWS WAF, and Amazon GuardDuty.
• Working knowledge of Terraform, Cloud Formation, Pulumi, and/or Ansible.
• Solid experience securing scalable web architectures and distributed systems.
• Solid understanding of malware, emerging threats, attacks, and vulnerability management.
• CCSP/Other Cloud Specific Certification, CISSP and/or GIAC are a plus.
• AI/ML security. Proven record securing ML models and AI pipelines in financial services.
• Proficient in ML algorithms, deep learning frameworks, AI ethics. Experienced in AI/ML security controls. Expert in OAuth, OpenID Connect, JWT. Proficient in API threat modeling, automated security testing.

Pay Range:

$168,817.00 - $281,293.00 Actual base salary varies based on factors, including but not limited to, relevant skill, prior experience, education, base salary of internal peers, demonstrated performance, and geographic location. Additionally, LPL Total Rewards package is highly competitive, designed to support your success at work, at home, and at play – such as 401K matching, health benefits, employee stock options, paid time off, volunteer time off, and more. Your recruiter will be happy to discuss all that LPL has to offer!

Company Overview:

LPL Financial Holdings Inc. (Nasdaq: LPLA) is among the fastest growing wealth management firms in the U.S. As a leader in the financial advisor-mediated marketplace, LPL supports over 32,000 financial advisors and the wealth management practices of approximately 1,100 financial institutions, servicing and custodying approximately $2.3 trillion in brokerage and advisory assets on behalf of approximately 8 million Americans. The firm provides a wide range of advisor affiliation models, investment solutions, fintech tools and practice management services, ensuring that advisors and institutions have the flexibility to choose the business model, services, and technology resources they need to run thriving businesses. For further information about LPL, please visit

At LPL, independence means that advisors and institution leaders have the freedom they deserve to choose the business model, services, and technology resources that allow them to run a thriving business. They have the flexibility to do business their way. And they have the freedom to manage their client relationships, because they know their clients best. Simply put, we take care of our advisors and institutions, so they can take care of their clients.

For further information about LPL, please visit

Join the LPL team and help us make a difference by turning life's aspirations into financial realities. Please log in or create an account to apply to this position. Principals only. EOE.

Information on Interviews:

LPL will only communicate with a job applicant directly from an @lplfinancial.com email address and will never conduct an interview online or in a chatroom forum. During an interview, LPL will not request any form of payment from the applicant, or information regarding an applicant's bank or credit card. Should you have any questions regarding the application process, please contact LPL's Human Resources Solutions Center at View phone number on click.appcast.io.