Job Title: Security Architect
Job ID: 06517
Division: Information Services
Work Location(s): United States-Wisconsin-Madison
Full/Part Time: Full-Time
Position Details:
CISSP or OSCP certifications are a plus.
Ideal candidate will have a strong background in evaluating and designing mitigations with information security risks and scripting/development experience.
Depending on qualifications, candidates can be considered at the lower 2 levels (Senior Analyst and Analyst).
Position Objective
The Security Architect utilizes solid business knowledge and expert technical experience in security to provide leadership and expertise as it relates to security architecture. Responsible for the identification, analysis, evaluation, life-cycle management, and adoption of security technologies that support business requirements and align with architecture standards and patterns. Plans, coordinates, and directs all information security architecture activities. Works closely with all areas of Information Services (I/S), business units, and strategic partners and vendors to ensure security initiatives are in line with all other key initiatives that may have interdependencies. Engages with project teams to ensure technology roll outs are supported and reviewed by Information Security and that applicable security controls are properly incorporated.
Primary Accountabilities
- Security Architecture (50%)
- Develops security architecture strategies that align to enterprise architecture strategy and the company's business strategy.
- Develops in depth security architecture standards, frameworks and design patterns spanning all layers of security from host, server, mobile, and network to application and data security.
- Architects, designs, prioritizes, coordinates, and communicates the security technologies necessary to ensure a highly secure yet usable computing environment.
- Provides security guidance across the system development life cycle, including security architectural reviews.
- Contributes to the development and implementation of security technology solutions for complicated and more complex environments and architecture.
- Analyzes business impact and exposure based on emerging security threats, vulnerabilities and risks, and recommends technologies and solutions to mitigate them.
- Stays current with security technologies and mobile security technologies and makes recommendations for use based on business value.
- Works closely with other technology architects to ensure that security is properly represented in their technology domains and to ensure consistency and compatibility among I/S strategies and standards. Actively communicates with stakeholders to drive awareness and understanding of security architecture roadmaps and directions.
- Technical Leadership (30%)
- Act as a subject matter expert on the implementation and capabilities of existing security controls.
- Provides direction and thought leadership to enterprise-wide initiatives applying security principles such as access control, encryption, and host security as well as state of the art and emerging technologies such as cloud computing, mobile computing, and next generation architecture.
- Identifies the need for new security technology solutions; designs, reviews and collaborates on the deployment of new solutions.
- Acts as a resource for direction, training and guidance for less experienced staff.
- Research and Development (20%)
- Stays informed about the latest developments in the security field, including threats towards the organization, tools, attack vectors, and cutting edge preventative measures.
- Participates in new products or technology solutions supported by appropriate ROI, total cost of ownership, and/or cost benefit analyses.
- Leads technical proof of concepts.
Job Competencies
- Achieve Results
- Be Accountable
- Maximize Customer Experience
- Communication
- Conceptual Thinking
- Influence
- Relationship Building
- Technical Expertise
Specialized Knowledge and Skills Requirements
- Demonstrated experience communicating technical information to business clients and less experienced technologists.
- Demonstrated experience leading and developing others by providing technical guidance and leadership to project teams.
- Demonstrated experience translating business requirements into architectural deliverables and technical specifications.
- Extensive knowledge and understanding of security issues, techniques, and implications across multiple computer platforms.
- Solid knowledge and understanding of security regulations and best practices such as PCI, SOX, HIPAA, or the ISO 27000 family of standards.
- Solid knowledge and understanding of systems development life cycle (SDLC).
Travel Requirements
- This position requires travel up to 20% of the time
Working Conditions
- Ability to participate in 24x7 off hour/on call on a rotating basis.
Company Information
We offer a comprehensive benefits package that includes health, life and dental insurance, a 401(K) plan, paid holidays, vacation and sick leave and the opportunity for career development. If you would like to put your career in motion apply online today!
A career move to join American Family Insurance may also mean a physical move for you. If you are selected for an interview, information will be provided on the level of relocation assistance available during the interview.
Offer to selected candidate will be made contingent on the results of background checks.
LI:JM1
Please review the job requirements.
Job ID: 06517
Division: Information Services
Work Location(s): United States-Wisconsin-Madison
Full/Part Time: Full-Time
Position Details:
CISSP or OSCP certifications are a plus.
Ideal candidate will have a strong background in evaluating and designing mitigations with information security risks and scripting/development experience.
Depending on qualifications, candidates can be considered at the lower 2 levels (Senior Analyst and Analyst).
Position Objective
The Security Architect utilizes solid business knowledge and expert technical experience in security to provide leadership and expertise as it relates to security architecture. Responsible for the identification, analysis, evaluation, life-cycle management, and adoption of security technologies that support business requirements and align with architecture standards and patterns. Plans, coordinates, and directs all information security architecture activities. Works closely with all areas of Information Services (I/S), business units, and strategic partners and vendors to ensure security initiatives are in line with all other key initiatives that may have interdependencies. Engages with project teams to ensure technology roll outs are supported and reviewed by Information Security and that applicable security controls are properly incorporated.
Primary Accountabilities
- Security Architecture (50%)
- Develops security architecture strategies that align to enterprise architecture strategy and the company's business strategy.
- Develops in depth security architecture standards, frameworks and design patterns spanning all layers of security from host, server, mobile, and network to application and data security.
- Architects, designs, prioritizes, coordinates, and communicates the security technologies necessary to ensure a highly secure yet usable computing environment.
- Provides security guidance across the system development life cycle, including security architectural reviews.
- Contributes to the development and implementation of security technology solutions for complicated and more complex environments and architecture.
- Analyzes business impact and exposure based on emerging security threats, vulnerabilities and risks, and recommends technologies and solutions to mitigate them.
- Stays current with security technologies and mobile security technologies and makes recommendations for use based on business value.
- Works closely with other technology architects to ensure that security is properly represented in their technology domains and to ensure consistency and compatibility among I/S strategies and standards. Actively communicates with stakeholders to drive awareness and understanding of security architecture roadmaps and directions.
- Technical Leadership (30%)
- Act as a subject matter expert on the implementation and capabilities of existing security controls.
- Provides direction and thought leadership to enterprise-wide initiatives applying security principles such as access control, encryption, and host security as well as state of the art and emerging technologies such as cloud computing, mobile computing, and next generation architecture.
- Identifies the need for new security technology solutions; designs, reviews and collaborates on the deployment of new solutions.
- Acts as a resource for direction, training and guidance for less experienced staff.
- Research and Development (20%)
- Stays informed about the latest developments in the security field, including threats towards the organization, tools, attack vectors, and cutting edge preventative measures.
- Participates in new products or technology solutions supported by appropriate ROI, total cost of ownership, and/or cost benefit analyses.
- Leads technical proof of concepts.
Job Competencies
- Achieve Results
- Be Accountable
- Maximize Customer Experience
- Communication
- Conceptual Thinking
- Influence
- Relationship Building
- Technical Expertise
Specialized Knowledge and Skills Requirements
- Demonstrated experience communicating technical information to business clients and less experienced technologists.
- Demonstrated experience leading and developing others by providing technical guidance and leadership to project teams.
- Demonstrated experience translating business requirements into architectural deliverables and technical specifications.
- Extensive knowledge and understanding of security issues, techniques, and implications across multiple computer platforms.
- Solid knowledge and understanding of security regulations and best practices such as PCI, SOX, HIPAA, or the ISO 27000 family of standards.
- Solid knowledge and understanding of systems development life cycle (SDLC).
Travel Requirements
- This position requires travel up to 20% of the time
Working Conditions
- Ability to participate in 24x7 off hour/on call on a rotating basis.
Company Information
We offer a comprehensive benefits package that includes health, life and dental insurance, a 401(K) plan, paid holidays, vacation and sick leave and the opportunity for career development. If you would like to put your career in motion apply online today!
A career move to join American Family Insurance may also mean a physical move for you. If you are selected for an interview, information will be provided on the level of relocation assistance available during the interview.
Offer to selected candidate will be made contingent on the results of background checks.
LI:JM1
Please review the job requirements.