Principal Security Architect

Position Overview

• Location Type:
• Job Type: Full time
• Salary:

At Lilly, we unite caring with discovery to make life better for people around the world. We are a global healthcare leader headquartered in Indianapolis, Indiana. Our employees around the world work to discover and bring life-changing medicines to those who need them, improve the understanding and management of disease, and give back to our communities through philanthropy and volunteerism. We give our best effort to our work, and we put people first. We’re looking for people who are determined to make life better for people around the world.

Position: Security Architect

What You'll Be Doing:

As a Security Architect, you will develop comprehensive threat models and conduct security reviews across key technology domains while creating proactive security guidance through reference architectures. You will analyze security requirements for various projects, develop threat modeling frameworks, and contribute to cybersecurity policy development. This role involves translating security principles into practical architectural guidance while ensuring consistent security standards across the organization.

How You'll Succeed:

• Technical Expertise: Demonstrate deep knowledge of threat modeling methodologies and security architecture principles across diverse technology environments.
• Proactive Guidance: Develop reference architectures and design patterns that prevent security issues before they occur.
• Risk Assessment: Effectively evaluate security risks and translate findings into actionable recommendations for development teams.
• Policy Contribution: Analyze cybersecurity policies and provide informed recommendations based on technical expertise.
• Collaborative Execution: Work effectively with cross-functional teams to implement security improvements and architectural standards.
• Continuous Improvement: Refine threat modeling processes and security review methodologies to enhance organizational security posture.

Key Responsibilities:

• Develop and maintain comprehensive threat models for applications and systems.
• Conduct security architecture reviews for projects and initiatives.
• Create reference architectures and security design patterns.
• Provide proactive security guidance to development and engineering teams.
• Analyze and recommend updates to cybersecurity policies and standards.
• Implement threat modeling frameworks using industry methodologies.
• Perform security assessments and identify architectural vulnerabilities.
• Develop security requirements and controls for various technology domains.
• Collaborate with teams to integrate security into design processes.
• Document security best practices and architectural guidance.
• Conducting threat modeling, performing security reviews, developing reference architectures, and contributing to cybersecurity policy development.

What You Should Bring:

• Strong technical expertise in security architecture and threat modeling methodologies.
• Experience with security and threat modeling frameworks (MITRE ATT&CK, NIST, STRIDE, etc.).
• Proven track record of conducting security reviews and architecture assessments.
• Knowledge of reference architecture development and design pattern creation.
• Understanding of cybersecurity policies, standards, and regulatory requirements.
• Experience translating security requirements into technical implementations.
• Strong analytical and problem-solving skills for complex security challenges.
• Proficiency in documenting security guidance and best practices.
• Ability to work collaboratively with technical and business stakeholders.
• Commitment to staying current with emerging threats and security technologies.
• Technical collaboration: Working with development teams, conducting security assessments, creating architectural guidance, and contributing expertise to policy development initiatives.

Your Basic Qualifications:

• Bachelor's Degree in Computer Science, Information Security, or related field OR High School Diploma.