Senior Security Architect
At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.
At Northwestern Mutual, we believe relationships are built on trust. That our lives and our work matter. These beliefs launched our company nearly 160 years ago. Today, they're just a few of the reasons why people choose to build careers at Northwestern Mutual!
We're strong and growing. In a company with such a long and storied history, this may be the most exciting and important time to be a part of Northwestern Mutual. We're strong, innovative and growing.
We invest in our people. We provide opportunities for employees to grow themselves, their career and in turn, our business.
We care. We make a positive difference in our communities. Nationally, thousands have benefitted from our support of research and programs to fight childhood cancer. Each year, our Foundation, employees and financial representatives donate time, talent and financial support to causes they're passionate about.
Bring your best! What's the role?
As a member of the Enterprise Information Risk & Cybersecurity (EIRC) Security Architecture team as a Senior Security Architect , you'll be responsible for providing security architecture guidance and solutions that protect the organization, while enabling business. The Security Architect will work closely with enterprise partners, including but not limited to security engineering and operations, IT infrastructure, application development, enterprise architecture, and audit.
The ideal candidate will have technical knowledge and performing end to end Security Solutions covering a broad range of security technologies and platforms to deliver secure business-to-business initiatives, third-party relationships, outsourced solutions and vendors. Provide expert guidance for addressing current security challenges but is able to be forward thinking and proactively deliver optimal security solutions. This position requires you to think like an adversary and identify how solutions should evolve as the threat landscape changes. You should possess strong communication and organizational skills and interact well within the team structure and across varying levels of the organization.
What you'll do:
- Help mature the EIRC organization and overall enterprise security posture by assessing control effectiveness against current and emerging threats while partnering with technology teams to ensure industry standard and best practice platform, network and endpoint security.
- Support the overall EIRC mission, strategy, and delivery of objectives.
- Define key architectural patterns, engineering practices and standards and drive them across the organization.
- Build strong working relationships and work closely with technical and enterprise architecture teams to ensure that security is well integrated into the environment.
- Interpret and apply understanding of policy, process, architecture, regulatory, audit and compliance implications in order to assist the development of technical solutions or controls.
- Maintain a deep understanding and application of security concepts at a technical level.
- Provide reporting and metrics, as needed.
What we're looking for:
- 4+ years' experience in some combination of the following disciplines with an emphasis on information security/security architecture in the Identity and Access Management space. Experience with network architecture, IT perimeter design, application architecture and design, common authentication protocols and frameworks, industry standard frameworks (NIST, ISO), Cloud, DNS, VPN, SOC, SIEM, Email security, Cryptography concepts are also a plus.
- A passion for information security and knowledge of the latest threats, trends and concerns.
- Subject matter expert for security processes across multiple domains and disciplines - on premise and cloud / SaaS based applications, data, infrastructure and mobile solutions.
- Demonstrated knowledge of common adversary tactics, techniques, and procedures (TTPs) (MITRE ATT&CK framework), Cyber Kill Chain, and other relevant cybersecurity frameworks.
- Must be highly collaborative, able to effectively interact and communicate with peers, management and leadership teams of varying technical levels, and act with a sense of urgency when security challenges or requirements arise.
- Problem solver with an interest in helping our team deliver effective results and tangible outcomes.
Education Requirements
- A minimum of a bachelor's degree in Information Systems, Computer Science, Engineering, or equivalent experience
- CISSP and/or SANS certification preferred
- CISSP-ISSAP or CCSP or GIAC-GDSA a plus
Beyond base salary, NM offers the following benefits: pension, comprehensive medical, dental, and vision, FREE lunch, annual bonus opportunity, and much more!
.
Grow your career with a best-in-class company that puts our client's interests at the center of all we do. Get started now!
W e are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.
If you work or would be working in C alifornia, Colorado, New York City, Washington or outside of a Corporate location, please click here for information pertaining to compensation and benefits.
Please note: Any wages or wage ranges listed directly on a specific job requisition or posting will supersede corresponding wage ranges listed within Pay Transparency Guide linked above.