Security Architect Engineer

At Customers Bank, we believe in working hard, working smart, working together to deliver memorable customer experiences and having fun. Our vision, mission, and values guide us along our path to achieve excellence. Passion, attitude, creativity, integrity, alignment, and execution are cornerstones of our behaviors. They define who we are as an organization and as individuals. Everyone is encouraged to have personal development plans. By doing so, our team members are on their way to achieve their highest potential and be successful in their personal and professional lives.

This role is ONSITE in our Malvern, PA office Monday through Thursday with Friday remote.

Must be eligible to work in the U.S. without requiring sponsorship now or in the future.

Who is Customers Bank?

Founded in 2009, Customers Bank is a super-community bank with over $22 billion in assets. We believe in dedicated personal service for the businesses, professionals, individuals, and families we work with.

We get you further, faster.

Focused on you: We provide every customer with a single point of contact. A dedicated team member who's committed to meeting your needs today and tomorrow.

On the leading edge: We're innovating with the latest tools and technology so we can react to market conditions quicker and help you get ahead.

Proven reliability: We always ground our innovation in our deep experience and strong financial foundation, so we're a partner you can trust.

What you'll do:

• Cloud Security Architecture: Design, implement, and maintain secure architectures for cloud platforms (Azure, AWS, or others), ensuring alignment with security policies and regulatory requirements.
• Security Tools Configuration: Configure, maintain, and optimize security tools including CNAPP, CASB, SIEM, endpoint detection, vulnerability scanners, and cloud-native security controls.
• Defender & CASB Oversight: Manage and tune Microsoft Defender and Defender for Cloud Apps (CASB) to detect, prevent, and remediate threats across cloud environments, SaaS platforms, and endpoints.
• Security Baseline Compliance: Review and ensure that environments and resources consistently follow security baselines and frameworks such as CIS, NIST, and FFIEC.
• Secure Design & Guidance: Partner with infrastructure, DevOps, and application teams to provide security requirements and guidance for cloud projects and deployments.
• Documentation & Reporting: Maintain architecture diagrams, configuration documentation, and compliance reporting to support audits and regulatory exams.
• Incident Response Support: Provide expertise in responding to cloud-related security incidents and collaborate on remediation efforts.
• Continuous Improvement: Evaluate emerging cloud security tools and best practices to enhance protection and operational efficiency.
• API platform monitoring: Assist architecture team implement API monitoring platform. This includes API inventory and related data monitoring
• Perform monitoring: Provide metrics (KPIs and KRIs) supporting appropriate security monitoring and underlying processes.

What do you need?

• Must-Haves
• 5+ years' experience in security engineering, architecture, or operations, with at least 2 years in cloud security.
• Strong knowledge of cloud platforms (Azure, AWS, or GCP), including native security tools and services.
• Experience reviewing and managing network security configurations.
• Hands-on experience with configuring and maintaining security tools (SIEM, EDR, vulnerability management, IAM, cloud security posture management).
• Solid understanding of networking protocols, routing, and hybrid cloud connectivity.
• Bachelor's degree in Information Security, Computer Science, or related field, or equivalent work experience.
  

Key Skills

• Strong troubleshooting and analytical skills.
• Ability to balance security needs with business requirements.
• Excellent communication skills, with the ability to translate technical findings into clear, actionable recommendations.
• Proficiency in Microsoft Office applications for reporting and documentation.

• Nice-to-Haves
  • Cloud security certifications such as AZ-500 (Azure Security Engineer), AWS Security Specialty, CCSP, or CISSP.
  • Experience with Splunk, CrowdStrike, Tenable, Active Directory, and cloud-native logging/monitoring tools.
  • Knowledge of DevSecOps practices and integrating security into CI/CD pipelines.
  • Banking or financial services industry experience.

Customers Bank is an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

We also provide "reasonable accommodations", upon request, to qualified individuals with disabilities, in accordance with the Americans with Disabilities Act and applicable state and local laws.

Diversity Statement:

At Customers Bank, we believe in working smart, working together, and having fun while delivering innovative solutions and memorable experiences for our customers. We are committed to the continual advancement of a culture which reflects the value we place on diversity, equity, and inclusion. We honor the diverse experiences, perspectives, and identities of our team members, and we recognize that it is their passion, creativity, and integrity that drives our success. Step into your future with us Let's take on tomorrow.

---