A Brief Overview
The Security Architect is responsible for executing a defined vision, guiding principles and strategy that enables the enterprise to implement and deploy security solutions and capabilities that are clearly aligned with business, technology and threat drivers. Provides leadership to project teams and leads security consultations for enterprise initiatives, delivering convincing recommendations to business and IT stakeholders. Responsible for helping develop security strategic plans and roadmaps based on sound enterprise architecture practices. Develops and maintains security architecture artifacts (e.g., models, templates and architectural diagrams) that can be used to drive security capabilities in projects and operations. Works with Senior Security Architect to track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts. Works with minimal supervision and is responsible to independently make a broad range of critical decisions, escalating to Senior Security Architect or Manager only when appropriate.

What you will do

• Executes on defined vision, guiding principles and strategy that enables the enterprise to implement and deploy security solutions and capabilities that are clearly aligned with business, technology and threat drivers.
• Serves as a technical expert and project team member for cybersecurity tool selection and implementation projects, supporting the system and integration project tasks when needed.
• Helps develop security strategic plans and roadmaps based on sound enterprise architecture practices. Works with Senior Security Architect to track developments and changes in the digital business and threat environments to ensure they are adequately addressed in security strategy plans and architecture artifacts.
• Provides leadership to project teams in the implementation of information security architecture principles, guidelines and practices that can be leveraged across other projects.
• Leads information security consultations for initiatives, including requirements development and design, early and throughout the project lifecycle. Delivers convincing recommendations and action plans to project leaders and sponsors in support of information security needs. Plans, designs and oversees the implementation of security solutions, tools and monitoring systems.
• Develops and maintains security architecture artifacts (e.g., models, templates, and architectural diagrams) that can be used to drive security capabilities in projects and operations.
• Evaluates the external threat landscape, providing leadership regarding replacement or augmentation of existing tool capabilities in order to better secure business systems and data from inside and outside threats.
• Provides architectural guidance and leadership on best practices regarding security in software development, user interface design frameworks, high performance messaging solutions, server side development, integrations and tools and technologies.
• Works with Security Engineering to drive solution identification, feasibility analysis and implementation recommendations for operational service level improvements. Works as a member of project teams to collectively drive implementation projects from inception through completion.
• Plans, designs, deploys and helps integrate IT security systems into corporate computing environments including systems used for logging, monitoring, intrusion detection, centralized cyber security knowledge base and behavioral analysis.
• Performs as the technical expert in one or more highly specialized areas of Information Security. Promotes visibility and informal education to other IT groups such as Enterprise and Data Architecture, Infrastructure teams and Development teams as appropriate.
• Monitors emerging technology trends and the security risks associated with those technologies. Makes recommendations for future-state improvements in tools, technology, process, automation and orchestration enhancements and improvements.
• Performs other duties as assigned.
• Complies with all policies and standards.

Qualifications

• Bachelor's Degree - Preferred
• Typically five to seven years professional experience in Information Security or Architecture - Required
• Proficient in linux-based and MS Windows-based system platforms. - Required
• Strong understanding of Enterprise, network, system and application-level security issues. - Required
• Understanding of Enterprise computing environments, systems and applications, and a strong understanding of TCP/IP networks - Required
• Fundamental or greater understanding of encryption technologies. - Preferred
• Scripting skills (examples include Python, Perl, JavaScript, PowerShell) - Preferred
• Knowledge of Identity & Access Management practices, systems and controls. - Preferred
• Project planning and execution experience. - Preferred
• Experience with security tools including but not limited to EDR, SIEM, WAF, knowledge base platforms, and live response/forensics tools. - Preferred
• CISSP Certified Information Systems Security Professional - Preferred
• CISM - Certified Information Security Manager - Preferred
• CompTIA Security+ Certification - Preferred

Work Setting/Position Demands:

• Works in an office setting and remains in a stationary position for long periods of time while working at a desk, on a computer or with other standard office equipment, or while in meetings.
• Requires the ability to verbally communicate and exchange accurate information to customers and associates on a regular basis.
• Requires visual acuity to read and interpret a variety of correspondence, procedures, reports and forms via paper and electronic documents, visual inspection involving small defects; small parts, and/or operation of machinery (including inspection); using measurement devices continuously. Visual acuity is required to determine accuracy, neatness, and thoroughness of work assigned.
• Requires the ability to prepare written correspondence, reports and forms using prescribed formats and conforming to rules of punctuation, grammar, diction, and style on a regular basis.
• Requires the ability to apply principles of logical thinking to define problems, collect data, establish facts, and draw valid conclusions
• Performs substantial movement of wrists, hands, and fingers for continuous computer work.
• Extended hours required during peak workloads or special projects/events.

Travel Requirements:

• None