Principal Security Architect
At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.
At NM, our clients come first, and the Enterprise Information Risk & Cybersecurity (EIRC) Security Architecture team is responsible for protecting your privacy and ensuring your security. We're looking for a Principal Security Architect to deliver on a vision to protect our clients and maintain their trust through world-class and innovative cybersecurity and risk management services.
As the Security Architecture team, we are responsible for providing security architecture reviews, guidance and solutions that protect the organization, while enabling business. The Principal Security Architect will work closely with enterprise partners, including but not limited to security engineering and operations, IT infrastructure, application development, enterprise architecture, and audit.
The ideal candidate will have deep technical expertise across multiple security domains and will be responsible for providing end to end Security Solutions covering a broad range of security technologies and platforms to deliver secure business-to-business initiatives, third-party relationships, outsourced solutions and vendors.
The Principal Security Architect provides expert guidance for addressing current security challenges but is able to be strategic and proactively deliver optimal security solutions. The architect is expected to think like an adversary and identify how solutions should evolve as the threat landscape changes. The architect should possess strong communication and organizational skills and interact well within the team structure and across varying levels of the organization.
This role will require collaboration with various business partners throughout the enterprise to ensure effective delivery of security architecture services. A successful candidate will be able to demonstrate organizational agility and political savvy while forming strong relationships and navigating across a large organization.
What's the role?
- Provide thought leadership in driving Security Architecture across the enterprise.
- Help mature the EIRC organization and overall enterprise security posture by performing security architecture reviews and assessing control effectiveness while partnering with technology teams to ensure industry standard and world-class platform, network, cloud, application and endpoint security.
- Support the overall EIRC mission, strategy, and delivery of objectives.
- Define key architectural patterns, engineering practices and standards and drive them across the organization.
- Build strong working relationships and collaborate with technical and enterprise architecture teams to integrate security into the environment.
- Support large and complex initiatives with a focus on problem solving and delivering results.
- Interpret and apply understanding of policy, process, architecture, regulatory, audit and compliance implications in order to assist the development of technical solutions or controls.
- Maintain a deep understanding and application of security concepts at a technical level.
- Provide reporting and metrics, as needed.
Bring your best! What this role needs:
- 10+ years' experience in some combination of the following disciplines with an emphasis on information security/security architecture specifically within identity and access management, network architecture, application architecture and design, common authentication protocols and frameworks, industry standard frameworks (NIST, ISO), Cloud, DNS, VPN, SOC, SIEM, Email security, Cryptography concepts.
- A passion for cybersecurity and knowledge of the latest threats, trends and concerns.
- Subject matter expert for security processes across multiple domains and disciplines - on premise and cloud / SaaS based applications, data, infrastructure and mobile solutions.
- Demonstrated knowledge of common adversary tactics, techniques, and procedures (TTPs) (MITRE ATT&CK framework), Cyber Kill Chain, and other relevant cybersecurity frameworks.
- Must be highly collaborative, able to effectively interact with peers, management and leadership teams of varying technical levels, and take action when security challenges or requirements arise.
Education Requirements
- A minimum of a bachelor's degree in Information Systems, Computer Science, Engineering, or equivalent experience
- CISSP and/or SANS certification preferred
- Networking certification (CCIE) or CCSP a plus
Beyond base salary, NM offers the following benefits; pension, 401k, comprehensive medical, dental, and vision, annual bonus opportunity, and much more!
#LI-Post
This job is not covered by the existing Collective Bargaining Agreement.
Required Certifications:
Grow your career with a best-in-class company that puts our client's interests at the center of all we do. Get started now!
We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.
If you work or would be working in Colorado or outside of a Corporate location, please click here for information pertaining to compensation and benefits.