The Security Architect position will provide guidance on the design, implementation, and development of solutions for our cloud environments. This role will have a very broad understanding of all aspects of security and technology – including policies, standards, and regulatory requirements. The solutions shall be designed to mitigate and/or reduce business exposure to information security risks. Risks may include, but not limited to, cyber security, information security, data loss prevention, intrusion prevention, and the availably of information systems. This role will lead virtual groups and projects. This is a fully remote position.
- Implement solutions that comply with Assurant Information Security Policies and Standards with a focus on Cloud platforms.
- Lead virtual projects and technical teams on implementing security solutions across the enterprise.
- Guide information security implementations & policy enforcement throughout Assurant
- Provide security architecture or governance recommendations and guidance to senior security leaders and stakeholders
- Design gap remediation strategies as directed by senior security leaders
- Investigate the potential impact of emerging technologies and architectures and communicate findings to senior security leaders
- Design technology platforms and infrastructures in alignment with Assurant security standards and strategic roadmaps
- Develop secure architecture standards, requirements and documents – including policies as directed
- Reviews technical solutions and make recommendations in alignment with Assurant security architecture requirements
- Conduct security architecture reviews for internal and external clients and business partners at the request of the senior security leaders and/or Information Security Office.
- Ensure requirements are aligned to information security policies, standards and align to best practices
- Promote and help remediate gaps regarding security architecture.
- Provide support for mergers, acquisitions, and divestitures.
- Assess current state and maturity levels of existing security infrastructures, frameworks, methodologies, platforms.
- Manage and lead security projects and/or initiatives
- Provide technical and governance leadership for business security initiatives
- Provide technical and strategic mentorship for security engineers, analysts, and administrators
- Participate in staff training and development exercises
- Educate peers and security personnel about security platforms, technologies, governance, and architectures (both existing and emerging)
- 5+ of experience the field of IT, Information Security, or Risk (with a broad range of exposure to all aspects of business continuity, systems analysis, risk management, application development and information security)
- ISO 27001, NIST Cybersecurity Frameworks, MITRE ATT&CK Frameworks
- 5+ years of experience in leading teams or projects
- 5+ years of experience in IT Security
- 2+ years of Cloud experience Azure, AWS, GCP, etc. (Azure preferred)
- 2+ years of Agile experience
- Bachelor's or Master’s degree in Computer Science, Engineering or related discipline
- Appropriate certification preferred:
- Certificated Information Systems Security Professional (CISSP), highly desired
- Certified Cloud Security Professional (CCSP), highly desired
- Certificated Ethical Hacker (CEH)
- Offensive Security Certified Professional (OSCP)
- Certificated Information Security Manager (CISM)
- Certified Cyber Forensics Professional (CCFP)