Northern Trust
Location
Pune | India
Job description
Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service.
Security Architect role is accountable for driving security initiatives for the organization. Under limited supervisions, you will work with a wide variety of business stakeholders and IT professionals (including different Security functions, Enterprise Architecture, Technology Infrastructure, and Cloud Engineering teams) to ensure organizational security needs/controls are aligned to support business goals and objectives.
Responsibilities :
Define security functional requirements and non-functional requirements to meet the business objectives of a solution
Work with stakeholders in setting the technical direction, selection, and evaluating candidate security solutions
Work with stakeholders to design and document the conceptual and detailed designs of security solutions
Lead the development of security standards, reference architectures, patterns, and guidelines
Assess effectiveness of security controls i.e. data protection, IAM, detective controls, infrastructure/network security, incident response. Work on identifying and driving implementation of appropriate controls, processes, and remediation of non-compliance
Research and advocate new technologies, architectures, and security products that will support security maturity roadmap
Act as a subject matter expert for advisory, review and approval of security designs, configurations, baselines, and technical standards
Create and review threat models using various approaches such as off the shelf tools, whiteboarding etc.
Good to have hands on Microsoft Threat Model and SD Element or any other open source threat modelling tools
Interfaces frequently with information security industry groups to stay abreast of emerging security trends
Helps establish overall enterprise information security architecture (EISA) by aligning business processes, IT software and hardware, local and wide area networks, people, operations, and projects with the organization's overall security strategy
Evaluates proposals to determine if proposed security solutions effectively address enterprise requirements, as detailed in solicitation documents
Interprets and/or approves security requirements relative to the capabilities of new information technologies
Experience :
10+ years' IT experience with 6+ years focused on security and solution architecture
3+ years' experience with cloud delivery platforms IaaS/PaaS/SaaS and providers such as Amazon Web Services (AWS) and Microsoft
Experience leading enterprise-wide security initiatives, including architecture and implementation of various security solutions & processes
Ability to engage with senior leaders to define requirements and communicate effectively the results and risks
Expert in 1 or more technology domains – infrastructure, application, network, IAM, data, endpoint
Experience working with enterprise architecture practice and methodology, with security focus.
Experience authoring security standards, reference architectures, patterns, and guidelines
Knowledge of or experience with industry security controls frameworks such as NIST, CSA CCM, CIS Critical Security Controls.
Hands-on experience in Cloud (Microsoft Azure/GCP/AWS ) security architecture, security engineering, or equivalent experience with vendor specific cloud certification
Qualifications :
BE/BTech degree and relevant work experience is required
8-10 years of experience in software development, information security and architecture design & controls.
Certified Information Systems Security Professional (CISSP) or equivalent
Preferred - certified in an enterprise architecture methodology and framework like TOGAF or SABSA.
Cloud Security Professional (CCSP), Certified Cloud Security Knowledge (CCSK), or preferred vendor certifications from AWS, Microsoft Azure or Google Cloud Platform
In-depth knowledge and understanding of OWASP Top 10 and CWE Top 25 with experience in assessment and providing remediation strategies.
Job tags
Salary
