Description & Requirements


Our team: 

We are the CTO Security Service Infrastructure group. We solve complex systems problems, enabling our engineers to quickly ship new products, and prototype the next generation of infrastructure security technologies. Whether we’re designing our next generation security controls, or threat modeling our distributed systems, our goal is to define the future of how we secure Bloomberg’s infrastructure. That’s where you come in. 

 

As an architect and product manager in the CTO’s office, you’ll be trusted to understand the intersections between Bloomberg’s global technology footprint, unique software stack and security requirements, provide guidance for usable infrastructure security, ensure that logical security controls are manageable at our scale, and much more. Your leadership skills will influence the roadmap for future security technologies, while working alongside motivated engineers across the company to keep Bloomberg at the forefront. Our team works across many areas of security architecture, and you will have the opportunity to focus on the projects you are passionate about and bring your expertise to help reach our team’s goals. 



We'll expect you to: 

  • Develop a strategy for enterprise identity life cycle management and governance, building on industry best practices, charting a path to adoption in partnership with impacted teams.  
  • Develop a strategy to iterate on enterprise provisioning platforms, focusing on an integrated solution across different environments and principles that leverages our multi-factor authentication (MFA), single sign-on (SSO), adaptive authentication mechanisms and existing home-grown tooling. 
  • Evaluate opportunities to enhance our authentication, authorization, privileged access management and credential management technologies based on the organization's needs, charting a path towards an ideal state. 
  • Ensure appropriate auditing and reporting capabilities are built into and across the various potential solutions with performance indicators, compliance, and regulatory requirements in mind. 
  • Take a leadership role in defining tools, techniques and technologies used to secure Bloomberg’s infrastructure and systems. 
  • Identify, document, and report on potential risks and develop mitigation strategies to proactively address them. 
  • Undertake new infrastructure development, guiding teams to appropriate security architectures and modernizing Bloomberg’s system security standards. 
  • Foster a culture of security consciousness while understanding the trade-offs between security, usability, and performance. 
  • Collaborate with vendors, consultants, and industry peers to exchange knowledge and stay informed about the latest advancements in authentication and credential management technologies. 

You’ll need to have: 

  • 7+ years of experience building, maintaining and managing security aspects of large-scale, distributed infrastructure and applications. 
  • Strong experience in authentication, credential management, and provisioning technologies including engineering, integration and automation with an emphasis on security. 
  • A track record of building collaborative relationships with stakeholders across many functions, with a focus on correctness, scalability, and usability of distributed infrastructure. A long history of leading through influence and establishing consensus for execution. 
  • Ability to build proof-of-concepts solutions, innovate, and partner with Engineering teams to drive adoption. 
  • Ability to collect and document detailed product requirements including RFCs, design rationale and decision making. 
  • The experience of knowing when to build, buy or re-use. 
  • Deep knowledge of authentication protocols and standards, such as OAuth, OIDC, SAML, Kerberos, SPIFFE, etc. and how these protocols are adopted in large enterprises.  
  • Demonstrated polished written and oral communication skills, in a variety of circumstances (from presenting to audiences through to 1:1 communication), ability to present complex topics to senior leadership. 



We'd love to see: 

  • Experience managing large scale infrastructure. 
  • Experience and knowledge of handling regulatory requirements such as GDPR, DORA, and HIPAA.  
  • Experience integrating with and securing a combination of in-house developed and third-party solutions. 
  • Hands-on experience with authentication and credential management products. 
  • Hands-on experience with enterprise identity management technologies, the challenges of marrying business requirements, organizational behaviors, and technology.
Salary Range = 240000 - 330000 USD Annually + Benefits + Bonus

The referenced salary range is based on the Company's good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level.


We offer one of the most comprehensive and generous benefits plans available and offer a range of total rewards that may include merit increases, incentive compensation, [Exempt roles only], paid holidays, paid time off, medical, dental, vision, short and long term disability benefits, 401(k) +match, life insurance, and various wellness programs, among others. The Company does not provide benefits directly to contingent workers/contractors and interns.
Is a Remote Job?
No

Bloomberg unleashes the power of information and technology to bring clarity to a complex world.

Global customers rely on us to deliver accurate, real-time business and market-moving information that...

Apply Now