Security Architect

Western & Southern Financial Group•Cincinnati, OH

16h•Onsite

About The Position

The Security Architect is responsible for executing a defined vision, guiding principles and strategy that enables the enterprise to implement and deploy security solutions and capabilities that are clearly aligned with business, technology and threat drivers. Provides leadership to project teams and leads security consultations for enterprise initiatives, delivering convincing recommendations to business and IT stakeholders. Responsible for helping develop security strategic plans and roadmaps based on sound enterprise architecture practices. Develops and maintains security architecture artifacts (e.g., models, templates and architectural diagrams) that can be used to drive security capabilities in projects and operations. Works with Senior Security Architect to track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts. Works with minimal supervision and is responsible to independently make a broad range of critical decisions, escalating to Senior Security Architect or Manager only when appropriate.

Requirements

Typically five to seven years professional experience in Information Security or Architecture - Required
Proficient in linux-based and MS Windows-based system platforms. - Required
Strong understanding of Enterprise, network, system and application-level security issues. - Required
Understanding of Enterprise computing environments, systems and applications, and a strong understanding of TCP/IP networks - Required

Nice To Haves

Bachelor's Degree - Preferred
Fundamental or greater understanding of encryption technologies. - Preferred
Scripting skills (examples include Python, Perl, JavaScript, PowerShell) - Preferred
Knowledge of Identity & Access Management practices, systems and controls. - Preferred
Project planning and execution experience. - Preferred
Experience with security tools including but not limited to EDR, SIEM, WAF, knowledge base platforms, and live response/forensics tools. - Preferred
CISSP Certified Information Systems Security Professional - Preferred
CISM - Certified Information Security Manager - Preferred
CompTIA Security+ Certification - Preferred

Responsibilities

Executes on defined vision, guiding principles and strategy that enables the enterprise to implement and deploy security solutions and capabilities that are clearly aligned with business, technology and threat drivers.
Serves as a technical expert and project team member for cybersecurity tool selection and implementation projects, supporting the system and integration project tasks when needed.
Helps develop security strategic plans and roadmaps based on sound enterprise architecture practices. Works with Senior Security Architect to track developments and changes in the digital business and threat environments to ensure they are adequately addressed in security strategy plans and architecture artifacts.
Provides leadership to project teams in the implementation of information security architecture principles, guidelines and practices that can be leveraged across other projects.
Leads information security consultations for initiatives, including requirements development and design, early and throughout the project lifecycle. Delivers convincing recommendations and action plans to project leaders and sponsors in support of information security needs. Plans, designs and oversees the implementation of security solutions, tools and monitoring systems.
Develops and maintains security architecture artifacts (e.g., models, templates, and architectural diagrams) that can be used to drive security capabilities in projects and operations.
Evaluates the external threat landscape, providing leadership regarding replacement or augmentation of existing tool capabilities in order to better secure business systems and data from inside and outside threats.
Provides architectural guidance and leadership on best practices regarding security in software development, user interface design frameworks, high performance messaging solutions, server side development, integrations and tools and technologies.
Works with Security Engineering to drive solution identification, feasibility analysis and implementation recommendations for operational service level improvements. Works as a member of project teams to collectively drive implementation projects from inception through completion.
Plans, designs, deploys and helps integrate IT security systems into corporate computing environments including systems used for logging, monitoring, intrusion detection, centralized cyber security knowledge base and behavioral analysis.
Performs as the technical expert in one or more highly specialized areas of Information Security. Promotes visibility and informal education to other IT groups such as Enterprise and Data Architecture, Infrastructure teams and Development teams as appropriate.
Monitors emerging technology trends and the security risks associated with those technologies. Makes recommendations for future-state improvements in tools, technology, process, automation and orchestration enhancements and improvements.
Performs other duties as assigned.
Complies with all policies and standards.