Bachelor's degree and experience in information security, or an equivalent combination of education and work experience
Excellent consultative and communication skills, and the ability to work effectively with client, partner, and IT management and staff
Six years of industry experience combining a mainstream Information Security role and application development is preferred
CISSP, CISM, or Security+ certification preferred
Strong collaboration skills and analytical ability
Deep knowledge of application or infrastructure systems architecture, usually having experience with multiple system technologies
Experience related to application development and DevOps
Very good understanding of CI/CD pipeline and secure application development methodologies
Experience with security tools related to DevSecOps - SAST, DAST, IAST
In-depth knowledge of various cybersecurity frameworks, standards, and SSDLC
Experience related to vulnerability management is a big plus
Must have a very good understanding of the OWASP top vulnerabilities and knowledge of the MITRE framework
Knowledge related to WAF, App Proxy, and CDN
Very good understanding of zero-trust architecture and working experience with relevant tools/technologies
Good understanding of IPS/IDS, network load balancers, firewalls, Zscaler, and networking technologies
Knowledge related to AI/ML, DevSecOps, CI/CD Pipeline, IaC, and relevant tools
Experience in dealing with threat vectors and developing relevant plans to protect the organization from cyber threats
Knowledge of network architecture concepts including topology, protocols, and components
Understanding of SIEM and experience with Microsoft Defender, Entra, KQL, APIM, endpoint protection, scripting, Copilot
Knowledge related to privileged access management, threat hunting, data protection, encryption, authentication/authorization, vulnerability management systems, Cloud Security Posture Management
Responsibilities
Serve as subject matter expert in Application Security Architecture space
Partner with Application teams and provide consultation that can help secure their CI/CD implementation
As an SME in DevSecOps space, provide security architecture guidance in selection of appropriate tools
Provide security guidance that can help accelerate the application migrations to cloud
Partner with application teams to ensure ‘secure by design’ principles are followed as they modernize their applications
Carries out complex initiatives involving multiple disciplines and/or ambiguous projects
Evaluates and selects from existing and emerging technologies those options best fitting business/project needs
Promotes sharing of expertise through consulting, presentations, documentation, etc.
Thoroughly understands decision process issues of technology choice, such as design, data security, client-server communication, etc.
Guides the development, specification and communication of application or infrastructure architectures used by multiple business or application systems
Lead the security architecture reviews and provide analysis with the observations and findings
Experience in providing security consultation to application teams