Senior Security Architect

About The Position

Requirements

• 11+ years of Information Security and/or Architecture Experience
• CISSP, CISM, or technical certifications (e.g., PenTest+, CYSA+, CEH) and a technology degree are preferred, equivalent professional experience and a proven track record in the field will be considered in lieu of formal credentials.
• Extensive knowledge in all areas of Information Security and Privacy including Asset Management, Data Protection, Vulnerability Management, Access Controls, Network Security, and Disaster Recovery.
• Extensive experience selecting, implementing, and using a wide variety of security services and products across multiple technology disciplines.
• Ability to apply solutions based on CIS, NIST, and ITIL to address complex control objectives.
• Excellent interpersonal and presentation skills, with experience in formal report writing and providing highly detailed technical answers for external requests.

Responsibilities

• In collaboration, develop and maintain the Security Architecture roadmap that preserves a strong security posture and aligns with corporate objectives.
• Lead the development and implementation of automation for established and new security processes to increase operational efficiency and reduce manual intervention.
• Develop the architectural framework for the secure deployment of AI, designing foundational layers for Model Security, Data Privacy, and Autonomous Agent orchestration.
• Design complex multi-cloud infrastructures where security controls are programmatically enforced and globally consistent.
• Provide technical guidance on securing CI/CD pipelines and managing security within Github and other SaaS-based development tools.
• Continuously assess security systems and infrastructure to identify vulnerabilities and develop remediation plans through risk assessments, penetration tests, and other scanning methodologies.
• Advise teams on secure coding, encryption, authentication, and access controls.
• Lead and collaborate with IT, Engineering, Legal, Finance, Insurance Operations, External Examiners, and other business areas as necessary during compliance exams.
• Prepare metrics and reporting for review by Security Leadership, offering recommendations for remediation that satisfy security best practices and audit scrutiny.
• Evaluate emerging security technologies, trends, and threats to ensure the company is best positioned to defend its landscape.
• Review and contribute to effective and efficient information security process documentation that supports and drives compliance to Bestow Information Security Policies, Standards, and applicable regulatory requirements.
• Research, understand, and interpret state regulations related to Cybersecurity and Privacy in the Insurance Industry.
• Contribute to response efforts for external requests, including questions about all aspects of the security program, including governance questions, and providing answers at a highly detailed technical level.
• Assist with other assigned duties.

Benefits

• Competitive salary and equity based on role
• Policies and managers that support work/life balance, like our flexible paid time off and parental leave programs
• 100% paid-premium option for medical, dental, and vision insurance
• Lifestyle stipend to support your physical, emotional, and financial wellbeing
• Flexible work-from-home policy and open to remote
• Remote and WFH options, as well as a beautiful, state-of-the-art office in Dallas’ Deep Ellum, for those who prefer an office setting
• Employee-led diversity, equity, and inclusion initiatives