Lead, Security Architecture

About Northern Trust:

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.

Security Architect role is accountable for driving security initiatives for the organization. Under limited supervisions, you will work with a wide variety of business stakeholders and IT professionals (including different Security functions, Enterprise Architecture, Technology Infrastructure, and Cloud Engineering teams) to ensure organizational security needs/controls are aligned to support business goals and objectives.

Define security functional requirements and non-functional requirements to meet the business objectives of a solution

Work with stakeholders in setting the technical direction, selection, and evaluating candidate security solutions

Work with stakeholders to design and document the conceptual and detailed designs of security solutions

Lead the development of security standards, reference architectures, patterns, and guidelines

Assess effectiveness of security controls i.e. data protection, IAM, detective controls, infrastructure/network security, incident response. Work on identifying and driving implementation of appropriate controls, processes, and remediation of non-compliance

Research and advocate new technologies, architectures, and security products that will support security maturity roadmap

Act as a subject matter expert for advisory, review and approval of security designs, configurations, baselines, and technical standards

Create and review threat models using various approaches such as off the shelf tools, whiteboarding etc.

Good to have hands on Microsoft Threat Model and SD Element or any other open source threat modelling tools

Interfaces frequently with information security industry groups to stay abreast of emerging security trends

Helps establish overall enterprise information security architecture (EISA) by aligning business processes, IT software and hardware, local and wide area networks, people, operations, and projects with the organization’s overall security strategy

Evaluates proposals to determine if proposed security solutions effectively address enterprise requirements, as detailed in solicitation documents

Interprets and/or approves security requirements relative to the capabilities of new information technologies

Work Experience / Knowledge:
 

10+ years’ IT experience with 6+ years focused on security and solution architecture

3+ years’ experience with cloud delivery platforms IaaS/PaaS/SaaS and providers such as Amazon Web Services (AWS) and Microsoft

Experience leading enterprise-wide security initiatives, including architecture and implementation of various security solutions & processes

Ability to engage with senior leaders to define requirements and communicate effectively the results and risks

Expert in 1 or more technology domains – infrastructure, application, network, IAM, data, endpoint

Experience working with enterprise architecture practice and methodology, with security focus.

Experience authoring security standards, reference architectures, patterns, and guidelines

Knowledge of or experience with industry security controls frameworks such as NIST, CSA CCM, CIS Critical Security Controls.

Hands-on experience in Cloud (Microsoft Azure/GCP/AWS ) security architecture, security engineering, or equivalent experience with vendor specific cloud certification

Qualifications:

BE/Btech degree and relevant work experience is required

8-10 years of experience in software development, information security and architecture design & controls

Certified Information Systems Security Professional (CISSP) or equivalent

Preferred - certified in an enterprise architecture methodology and framework like TOGAF or SABSA

Cloud Security Professional (CCSP), Certified Cloud Security Knowledge (CCSK), or preferred vendor certifications from AWS, Microsoft Azure or Google Cloud Platform

In-depth knowledge and understanding of OWASP Top 10 and CWE Top 25 with experience in assessment and providing remediation strategies

Working with Us:

As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.

We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.

We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.