Lead, Security Architect at Northern Trust

Chicago, Illinois, United States

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level

Full TimeJob Type

UnknownVisa

Financial ServicesIndustries

Requirements

Bachelor's degree and experience in information security, or an equivalent combination of education and work experience
Excellent consultative and communication skills, and the ability to work effectively with client, partner, and IT management and staff
Six years of industry experience with the combination of main stream Information Security role and application development is preferred
CISSP, CISM, or Security+ certification preferred
Strong collaboration skills and analytical ability
Deep knowledge of application or infrastructure systems architecture, usually having experience with multiple system technologies
Experience related to application development and DevOps
Very good understanding of CI/CD pipeline and secure application development methodologies
Experience with security tools related to DevSecOps - SAST, DAST, IAST
In-depth knowledge of various cybersecurity frameworks, standards, and SSDLC
Experience related to vulnerability management is big plus
Must have very good understanding related to OWASP top vulnerabilities and knowledge related to MITRE framework
Knowledge related to WAF, App Proxy, and CDN
Very good understanding of zero-trust architecture and working experience with relevant tools/technologies
Good understanding related to IPS/IDS, Network load balancer, firewalls, Z-Scaler, and networking technologies
Knowledge related AI/ML, DevSecOps, CI/CD Pipeline, IaC, and relevant tools
Experience in dealing with threat vectors and develop relevant plans to protect the organization from cyber threats
Knowledge of network architecture concepts including topology, protocols, and components
Understanding related to SEIM and experience related to Microsoft Defender, Entra, KQL, APIM, endpoint protection, scripting, CoPilot
Knowledge related to Privilege access management, Threat hunting, data protection, encryption, Authentication/Authorization, Vulnerability management systems, Cloud Security Posture Management

Responsibilities

Serve as subject matter expert in Application Security Architecture space
Partner with Application teams and provide consultation that can help secure their CI/CD implementation
As an SME in DevSecOps space, provide security architecture guidance in selection of appropriate tools
Provide security guidance that can help accelerate the application migrations to cloud
Partner with application teams to ensure ‘secure by design’ principles are followed as they modernize their applications
Carries out complex initiatives involving multiple disciplines and/or ambiguous projects
Evaluates and selects from existing and emerging technologies those options best fitting business/project needs
Promotes sharing of expertise through consulting, presentations, and documentations, etc
Thoroughly understands decision process issues of technology choice, such as design, data security, client server communication, etc
Guides the development, specification and communication of application or infrastructure architectures used by multiple business or application systems
Lead the security architecture reviews and provide analysis with the observations and findings
Experience in providing security consultation to application teams

Skills

Key technologies and capabilities for this role

Security ArchitectureDevSecOpsCI/CDApplication SecurityCloud MigrationSecure by Design

Questions & Answers

Common questions about this position

What is the salary for the Lead Security Architect position?

This information is not specified in the job description.

Is this a remote position or what is the location requirement?

This information is not specified in the job description.

What skills and experience are required for this role?

Required skills include experience in application development and DevOps, understanding of CI/CD pipeline and secure application development methodologies, experience with DevSecOps security tools like SAST, DAST, IAST, in-depth knowledge of cybersecurity frameworks and SSDLC, and understanding of OWASP top vulnerabilities and MITRE framework. Six years of industry experience combining information security and application development is preferred, along with CISSP, CISM, or Security+ certification.

What is the company culture like at Northern Trust?

Northern Trust emphasizes enduring principles of service, expertise, and integrity, with over 22,000 partners providing innovative financial services using leading technology and exceptional service. The role promotes sharing of expertise through consulting, presentations, and documentation, highlighting a collaborative environment.

What makes a strong candidate for the Lead Security Architect role?

Strong candidates have a Bachelor's degree or equivalent, six years of experience combining information security and application development, relevant certifications like CISSP or CISM, excellent consultative and communication skills, strong collaboration and analytical abilities, and deep knowledge of application security architecture and DevSecOps.