AVP, Information Security Architecture (Wayne, PA or Dayton, OH)

Radian Group Inc. | Wayne, PA
21h | $136,000 - $206,000 | Hybrid

About The Position

The AVP, Information Security Architecture oversees Radian’s Information Security Architecture and Technical Assurance programs. This role drives the development, execution, and continual improvement of security architecture processes, assessments, and metrics. It ensures security controls are effectively designed, implemented, and monitored across IT projects and enterprise systems, and partners with leadership to quickly address any identified gaps. The AVP also serves as a trusted adviser to the business and CISO, providing security leadership in the design of new products and services, and acting as a principal expert in security technology, architecture, and systems integration.

Requirements

  • 10+ years professional experience with a combination of management, architecture, and technical security engineering background
  • Experience working in a matrix model, as the individual will be required to influence change and provide direction and support to business owners, IT technical owners, governance and shared functions (Legal, Finance, Information Governance and Enterprise Architecture), as well as lead and contribute to existing Information Security assignments
  • Experience with/in: promoting business and/or information security strategies; working with individuals across different time zones; overseeing and directing the work of both internal and third-party resources; a highly regulated industry such as government, financial services (banking, investments, or insurance) or health care
  • Experience with information security architecture, engineering, and operations involving tool selection, deployment and application in a wide variety of technology areas including, but not limited to: IT infrastructure (network, desktop, server, storage), public cloud security (virtual server, fabric, and server-less technologies, API gateways, WAF), data protection (encryption and tokenization), identity and access management (IdM, SSO, privileged access management, authentication/authorization and federation) solutions, SQL and NoSQL databases, vulnerability management (both application and infrastructure), log monitoring/aggregation and threat detection
  • Experience establishing and operating technical assurance systems and processes including: collection/gathering of input sources, the application of data analytics to evaluate controls (using off-the-shelf data analytics solutions as well as SQL and stored procedures), consistent and repeatable generation/reporting of assurance results, and automation of technical assurance processes and pipelines.
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security topics, policies and standards as well as risk-related concepts to technical and nontechnical audiences at various hierarchical levels
  • Experience with leading programs and executing good program management, including developing program goals, processes, deliverables, resource requirements, and measuring program performance.
  • Ability to translate technical / security issues to business users
  • Strong relationship, team building and facilitation skills
  • Knowledge and experience of Information Security Risk, Governance and Compliance (GRC)
  • Ability to travel as needed (no more than 25%)
  • Working knowledge in a variety of IT disciplines and technologies, including but not limited to: Microsoft Active Directory, Office 365, SharePoint, OneDrive and Teams; Public cloud services (AWS, Azure and GCP); Database management (Microsoft SQL Server); Encryption (SSL, Digital Certificates, PKI); VDI and Virtual Platforms (VMware, Citrix); Mobile Device Management solutions (Intune); Authentication and Authorization methodologies including Multi-Factor Authentication (MFA) and Single Sign-On (SSO) (Microsoft Entra, Azure Active Directory, AWS Cognito, Azure B2C); Web and application development and hosting technologies (React, NodeJS, Java, Python, PowerShell); Log management and threat detection (Splunk or similar technology); Emerging technologies, e.g. Kubernetes, IoT, blockchain, machine learning and AI
  • Manage interns, architects, analysts, and related functional roles (1-3) as needed in support of Security Architecture and Technical Assurance work.
  • Ability to strongly influence across department and divisional lines.

Nice To Haves

  • Master’s Degree – Information Security, Security Assurance, or related
  • Technical: 15+ years
  • CISSP Required, SABSA certification, CISM or equivalent preferred.
  • Excellent communicator and relationship builder who can speak in non-technical terms, to articulate complex ideas in straightforward language.
  • Flexible and resilient.
  • Ability to analyze and evaluate complex data and make sound recommendations with less than perfect information.
  • Ability to assess, recommend and present financial / business benefits of technical options and champion recommendations.
  • Demonstrated experience managing security spend v. risk mitigation.
  • Dynamic ability to shift easily between tactical/operational issues and long term/strategic planning.
  • Ability to motivate and develop staff.
  • Strong work ethic, commitment and determination.
  • Ability to partner with and influence others to gain commitment and achieve priorities.

Responsibilities

  • Lead and operate Radian’s Information Security Architecture function, delivering consistent security architecture services, assessments, and documentation.
  • Identify security gaps, drive remediation with system owners, and ensure alignment with enterprise security standards.
  • Support projects by validating security requirements and solution designs.
  • Advance security architecture capabilities and oversee evaluation and adoption of key security technologies and enterprise services, including Data Protection, SSO, PAM, Technical Assurance, and IAM.
  • Oversee the implementation and operation of Radian’s Technical Assurance program, which monitors key security controls across IT systems and applications. The program identifies gaps in control effectiveness, reports them to Information Security leadership and governance bodies, and ensures timely remediation.
  • Serve as a trusted adviser to business units and leadership, ensuring security best practices and controls are embedded into new products and services.
  • Collaborate with Security Architecture, Engineering, Operations, Risk, Compliance, and Assurance teams to develop secure technical solutions and roadmaps.
  • Partner with Enterprise Architecture to validate designs and ensure solutions meet security requirements and risk standards.
  • Identify security and risk gaps within business units and drive remediation.
  • Provide feedback to enterprise Information Security by shaping shared services and educating the team on business unit needs.
  • Develop, coordinate, and manage monthly Information Security metrics collection and reporting processes, including development of new metrics, their implementation and automation.
  • Coordinate collection of information and presentation of monthly CISO report to executives.
  • Working with CISO and direct reports, as well as Procurement and Finance, contribute to the creation of the annual Information Security budget, helping to develop rationale and providing substantiation of new investments.
  • Perform other duties as assigned or apparent.

Benefits

  • Competitive Compensation: anticipated base salary from $136,000 to $206,000 based on skills and experience. This position is eligible to participate in an annual incentive program.
  • Rest and Relaxation. This role is eligible for 25 days of paid time off annually, which is prorated in the year of hire based on hire date. In addition, based on your hire date, you will be eligible for 9 paid holidays + 2 floating holidays. Parental leave is also offered as an opportunity for all new parents to embrace this exciting change in their lives.
  • Comprehensive Health Benefits. Multiple medical plan choices, including HSA and FSA options, dental, vision, and basic life insurance.
  • Prepare for your Future. 401(k) with a top of market company match (did we mention the company match is immediately vested?!) and an opportunity to participate in Radian’s Employee Stock Purchase Plan (ESPP).
  • Homebuyer Perks. Our Homebuyer Perks program helps employees navigate the home searching, buying, selling, and refinancing processes and provides valuable financial benefits to encourage, enable, and support home ownership.