Lead Security Architect Salary: $180k-$190k + 15% Bonus Location: Chicago, IL We are unable to provide sponsorship for this role 15% Bonus Eligible
A prestigious Fortune 500 company is seeking a Lead Security Architect with deep knowledge of current and future-looking security practices for networks and infrastructure. The Security Architect will develop the patterns, frameworks, and standards.
Qualifications
Bachelor’s Degree in Computer Science (related) or equivalent experience as a hand-on security architect/senior security engineer.
7+ years of IT Security Experience. Industry certifications are highly desired (i.e., CISSP, CCSP, or other advanced-level certifications).
Firewalls, networking, routing, load balancers, and related
Zero trust, zone-based architecture, defense in depth, SASE, SSE, and micro-segmentation
Identity-based network access, time-bound access to networks, and NAC
Wireless technologies, 802.1x, WPAx, and wireless in IoT and industrial applications
Intrusion detection/prevention, threat protection, application, and content identification
Web application firewalls (WAF), application and reverse proxies, DDoS protection strategies
SaaS cloud service security (O365, Salesforce, ServiceNow, etc.)
AWS, Azure, Google Cloud Platform, and other commodity IaaS vendors
NIST 800-53, NIST CSF, ISO 27001, PCI-DSS, HIPAA, etc.
SABSA, TOGAF, and enterprise architecture frameworks
Frameworks such as MITRE ATT&CK and OWASP ASVS, with the ability to articulate how the frameworks assist in enhancing security.
Vulnerability management technologies and secure development tools.
Threat modeling methodologies and frameworks
Server, database, and infrastructure security and resiliency
Kubernetes and containers
Internet of Things (IoT), Operational Technologies (OT) and industrial controls
Responsibilities
Security Consultation to stakeholders, SMEs, and project or product teams
The security resource who can speak to security requirements, controls, and implications for new technologies, products, services, or designs across the technology landscape.
A go-to resource for teams seeking deeper clarity, potential solutions, or recommendations for meeting security requirements when path forward is uncertain.
Security analysis and guidance from within the Security Team.
Constructive review of existing environment standards, designs, tools, and services to determine areas of weakness, inconsistency, or exposure, this while offering recommendations for IT remediations and maturity.
Thoughtful analysis and alignment with Security Operations and GRC to ensure alerting, metrics, and reporting are conveying information to further reinforce security standards or identify deviations.
Defining security architecture, standards, and solutions within one or more domains
Develop conceptual and logical security architectures to inform and influence product selection and application
Create and document technical security standards, policies, procedures, and processes
Support the analysis and implementation of security standards to establish repeatability and consistency across the technology ecosystem.
Continuous analysis of future-state security requirements tied to product roadmaps, strategies, and business initiatives.
Design and advocate for modern approaches to network and infrastructure security
Develop patterns, strategies, and roadmaps aligned to the technology and business goals
Perform risk assessments and identify capabilities needed to address current and anticipated challenges to our networks and infrastructure