HUB International
Security Architecture Engineer
HUB International, Chicago, Illinois, United States, 60290
As a Security Architecture Engineer, you will play a pivotal role in designing, developing, and maintaining the security architecture for the organization. Your primary responsibility is to ensure that all systems, applications, and network infrastructures are securely designed, configured, and maintained. This position requires a deep understanding of security frameworks, threat landscapes, and the ability to apply secure engineering principles to new and existing systems.
You will work closely with various teams, including IT, development, and compliance, to ensure that security best practices are incorporated at every stage of the project lifecycle. The role requires both hands-on technical skills and the ability to create comprehensive security architecture documentation.
Key Responsibilities
Security Architecture Design & Development
Develop, maintain, and review secure architecture frameworks and blueprints for on-premises, cloud, and hybrid environments.
Design and implement security controls that align with industry standards (e.g., NIST, ISO 27001, CIS) and company policies.
Ensure the architecture meets regulatory compliance requirements (e.g., GDPR, HIPAA, PCI-DSS).
Risk Assessment & Threat Modeling
Perform threat modeling and risk assessments to identify vulnerabilities in new and existing systems.
Recommend security solutions to mitigate identified risks.
Collaborate with development and operations teams to integrate security into DevOps pipelines (DevSecOps).
Security Tools & Technologies
Evaluate and recommend security tools and technologies such as firewalls, IDS/IPS, SIEM, DLP, endpoint security, and identity management solutions.
Oversee the integration of security technologies into the existing IT infrastructure.
Manage and optimize security configurations for various platforms (e.g., AWS, Azure, GCP, and traditional datacenter environments).
Collaboration & Teamwork
Collaborate with cross-functional teams, including IT, networking, software engineering, and cloud operations, to incorporate security into system designs and workflows.
Work closely with compliance teams to ensure adherence to legal, regulatory, and industry standards.
Security Documentation & Reporting
Develop detailed technical documentation, including system architecture diagrams, security architecture blueprints, and best practice guidelines.
Prepare reports and communicate complex technical issues to non-technical stakeholders, including executive leadership.
Incident Response & Security Audits
This role may be requested to provide security expertise during incident response and forensic investigations.
Participate in internal and external audits by preparing necessary documentation and implementing required improvements.
Continuous Improvement & Research
Stay up to date with the latest trends in cybersecurity, new threat vectors, and the evolving security landscape.
Participate in knowledge-sharing activities such as team training, mentoring junior engineers, and conducting security workshops.
Technical Requirements
Hands-On Experience with Security Technologies
Network Security: Deep knowledge of firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and advanced network segmentation.
Identity & Access Management (IAM): Experience with IAM solutions such as Okta, Azure AD, SailPoint, and LDAP.
Cloud Security: Strong experience securing cloud environments like AWS, Azure, and Google Cloud Platform (GCP).
Endpoint & Data Security: Familiarity with DLP, endpoint security solutions (e.g., SentinelOne, Tanium), and encryption standards.
SIEM/Log Management: Hands-on experience with SIEM platforms (e.g., Splunk) for security monitoring, log correlation, and threat detection.
Vulnerability Management: Experience with tools like Tenable.io, Nessus, or Qualys for continuous vulnerability assessments.
Knowledge of Security Frameworks
Proficiency in implementing and adhering to security frameworks such as NIST, ISO 27001, CIS, TOGAF, and SABSA.
Experience in aligning security architecture with regulatory compliance standards (GDPR, HIPAA, PCI-DSS, SOX).
Security Certifications (Preferred)
Certified Information Systems Security Professional (CISSP)
Certified Cloud Security Professional (CCSP)
Certified Information Security Manager (CISM)
Certified Ethical Hacker (CEH)
AWS Certified Security – Specialty
Certified Information Systems Auditor (CISA)
Programming & Automation
Proficiency in one or more programming/scripting languages (Python, PowerShell, Bash) for automating security tasks.
Experience with DevSecOps practices and tools such as Terraform, Chef, and code vulnerability scanners for SAST, DAST, IAST, and SCA for integrating security into development pipelines.
Skills & Experience
Bachelor’s Degree in Information Security, Computer Science, or related field (or equivalent work experience).
5+ years of experience in a security architecture or engineering role.
Expertise in network security, cloud security, IAM, and SIEM platforms.
Strong understanding of the OWASP Top Ten, SANS Top 25, and other common attack vectors.
Experience in security risk management, including conducting risk assessments and implementing mitigations.
Excellent problem-solving and analytical skills with a strong attention to detail.
Teamwork & Collaboration Expectations
Work collaboratively with cross-functional teams (IT, software development, DevOps, compliance) to ensure security best practices are embedded in daily operations.
Provide technical leadership on security architecture-related projects and participate in security design reviews.
Mentor and guide junior security engineers, encouraging knowledge sharing and growth across the team.
Maintain a positive, solution-oriented attitude while working with other teams to balance security needs with business objectives.
Ability to Work Independently
The Security Architecture Engineer must demonstrate the ability to work autonomously with minimal supervision, managing their time effectively across multiple projects.
Expected to identify security gaps in systems or processes proactively and take initiative in proposing and implementing solutions.
Capable of making sound decisions when under pressure, especially in the context of security incidents or time-sensitive projects.
Training & Development
Ongoing Training:
Stay current on emerging threats, security technologies, and best practices through self-paced learning and professional development.
Engage in regular technical training and certification courses to maintain knowledge in rapidly evolving areas such as cloud security, machine learning in security, and zero-trust architecture.
Attend cybersecurity conferences, webinars, and training events to stay informed on the latest security trends.
Internal Training:
Participate in internal security awareness and skills training programs.
Provide training to other technical teams, promoting secure development practices and operational security.
Key Performance Indicators (KPIs)
Success in security projects (implementation of new architecture frameworks, deployment of security tools).
Effectiveness in threat identification and mitigation efforts.
Compliance with security frameworks and regulatory requirements.
Positive feedback from team collaboration and cross-departmental partnerships.
Continuous improvement and contribution to company-wide security posture.