EMC Insurance
Technology Security Architect
EMC Insurance, Des Moines, IA
At EMC, you'll put your skills to good use as an important member of our team. You can count on gaining valuable experience while contributing to the company's success. EMC strives to hire and retain the best people by engaging, developing and rewarding employees.
Serves as a technical subject matter expert in security architecture domain, providing guidance and consulting services to product teams, projects, and programs. Designs, builds, and implements enterprise-class information security solutions, including controls and system architectures following established enterprise frameworks and guardrails. Creates and maintains information security architecture diagrams and control catalogs, including control descriptions and taxonomy. Partners with technology engineering and operations teams to implement information security systems and controls. Identifies security design gaps in existing and proposed architectures and recommends changes or enhancements. Researches, evaluates, and implements new technology that optimizes the enterprise security posture. Stays abreast of security trends, including IAM, Cloud Security, and Data Protection. Trains Technology Security teams in implementation or conversion of systems.
1. Security Architecture Design and Promotion
2. Planning and Documentation
3. Best Practice Research and Business Collaboration
4. Enterprise Architecture Alignment and Governance
EDUCATION & EXPERIENCE
The education and experience below are required for the job unless labelled as preferred:
KNOWLEDGE, SKILLS & ABILITIES
The knowledge, skills and abilities below are required for the job unless labelled as preferred:
Per the Colorado Equal Pay for Equal Work Act, the hiring range for this position for Colorado-based team members is $122,731.81 -$157,608.77. The hiring range for other locations may vary.
Our employment practices are in accordance with the laws that prohibit discrimination due to race, color, creed, sex, sexual orientation, gender identity, genetic information, religion, age, national origin or ancestry, physical or mental disability, medical condition, veteran status, active military status, citizenship status, marital status or any other consideration made unlawful by federal, state, or local laws.
All of our locations are tobacco free including in company vehicles.
Serves as a technical subject matter expert in security architecture domain, providing guidance and consulting services to product teams, projects, and programs. Designs, builds, and implements enterprise-class information security solutions, including controls and system architectures following established enterprise frameworks and guardrails. Creates and maintains information security architecture diagrams and control catalogs, including control descriptions and taxonomy. Partners with technology engineering and operations teams to implement information security systems and controls. Identifies security design gaps in existing and proposed architectures and recommends changes or enhancements. Researches, evaluates, and implements new technology that optimizes the enterprise security posture. Stays abreast of security trends, including IAM, Cloud Security, and Data Protection. Trains Technology Security teams in implementation or conversion of systems.
1. Security Architecture Design and Promotion
- Serves as a technical subject matter expert in security architecture domain, providing guidance and consulting services to product teams, projects, and programs
- Designs, presents, builds, and implements enterprise-class information security solutions, including controls and system architectures following established enterprise frameworks and guardrails
- Develops security technology execution strategies for key information security pillars (e.g. cloud security, privileged access, data protection) and evangelizes to architects and engineers
- Serves as member of Architecture Review Board (ARB)
2. Planning and Documentation
- Authors whitepapers and strategic documents to facilitate broader security initiatives from a technology standpoint
- Provides strategic security architecture consulting services to engineers and leaders throughout the enterprise
- Designs and develops secure IT architecture solutions to business problems, such as integrated processes, applications, and data and technology, in alignment with the enterprise architecture direction and standards
- Creates and maintains information security architecture diagrams and control catalogs, including control descriptions and taxonomy. Performs technical planning, architecture development and modification of specifications
3. Best Practice Research and Business Collaboration
- Researches, evaluates, proposes, and implements new technology and industry trends to optimize the enterprise security posture
- Conducts technology evaluations, proof of concepts, and proof of values
- Evaluates the total cost of ownership and return on investment of various architecture alternatives
- Participates in and facilitates the design and review of process with product teams
- Recommends ways of measuring security effectiveness through key risk indicators in the form of metrics
- Collaborates with CISO, product owners, developers, risk and compliance, and other business partners to create and refine documentation for new projects
4. Enterprise Architecture Alignment and Governance
- Participates in solution architecture governance activities to maintain architecture artifacts such as catalog of business capabilities and application portfolio
- Utilizes cloud shared responsibility model to drive understanding of controls needed in the cloud vs. on-premise security tooling
- Maps the relationships between information systems components (i.e. end users, business processes, applications, data, IT platform hardware/software, and networks)
- Identifies key interactions and dependencies across separate systems and platforms
- Ensures appropriate security controls are incorporated into enterprise architecture designs that align with enterprise architecture design principles and requirements
- Collaborates with other enterprise architects to ensure information security controls are properly incorporated into enterprise architecture designs and information security systems align with enterprise architecture design principles and requirements
- Works closely with application security engineers to drive secure coding environment and promote application security firmwide
- Communicates architecture process, strategy, and direction to various IT and business stakeholders
EDUCATION & EXPERIENCE
The education and experience below are required for the job unless labelled as preferred:
- Bachelor's degree, preferably in cybersecurity, computer science, management information systems, or related field, or equivalent relevant experience
- Ten years of experience in information security architecture, DevSecOps, or enterprise systems infrastructure or related experience
- Experience with developing a Privileged Access Management (PAM) strategy preferred
- Experience with scripting, automating, and deploying in AWS or related cloud environments preferred
- Experience securing AWS and/or Azure environments preferred
- Experience with Cloud Security Posture Management (CSPM), Data Loss Prevention (DLP), and/or Cloud Access Security Broker (CASB) tools preferred
- AWS and/or Azure certifications preferred
- Security Certifications preferred (i.e. CISSP, CCSP, CSSLP)
KNOWLEDGE, SKILLS & ABILITIES
The knowledge, skills and abilities below are required for the job unless labelled as preferred:
- Excellent knowledge of information security concepts, principles, practices, and technologies
- Excellent knowledge of control design and enterprise architecture concepts and practices
- Excellent knowledge of cloud security and modern identity and access management architectures
Per the Colorado Equal Pay for Equal Work Act, the hiring range for this position for Colorado-based team members is $122,731.81 -$157,608.77. The hiring range for other locations may vary.
Our employment practices are in accordance with the laws that prohibit discrimination due to race, color, creed, sex, sexual orientation, gender identity, genetic information, religion, age, national origin or ancestry, physical or mental disability, medical condition, veteran status, active military status, citizenship status, marital status or any other consideration made unlawful by federal, state, or local laws.
All of our locations are tobacco free including in company vehicles.