The LaSalle Group
Security Architect
The LaSalle Group, Rosemont, Illinois, United States,
LaSalle Network is partnering with a client to seek an
Enterprise Security Architect,
who will play an integral role in defining and assessing the organization's security strategy, architecture and practices. The
Enterprise Security Architect
will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.
Security Architect Responsibilities:
Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat driversDevelop security strategy plans and roadmaps based on sound enterprise architecture practicesDevelop and maintain security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operationsTrack developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifactsParticipate in application and infrastructure projects to provide security-planning adviceDetermine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, identity and access management (IAM) and endpoint protectionConduct or facilitate threat modeling of services and applications that tie to the risk and data associated with the service or applicationCoordinate with the privacy officer or office to document data flows of sensitive information in the organization (e.g., PII or ePHI) and recommend controls to ensure that this data is adequately secured (e.g., encryption and tokenization)Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicableLiaise with the vendor management (VM) team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data:
Software as a service (SaaS) providersPlatform as a service (PaaS) providersCloud/infrastructure as a service (IaaS) providersManaged service providers (MSPs)
Evaluate the statements of work (SOWs) for these providers to ensure that adequate security protections are in placeAssess the providers' SSAE 16 SOC 1 and SOC 2 audit reports (or alternative sources) for security-related deficiencies and required "user controls" and report any findings to the CISO and vendor management teamsReview security technologies, tools and services, and make recommendations to the broader security team for their use, based on security, financial and operational metricsCoordinate with operational and facility management teams to assess the security of operational technology (OT) and Internet of Things (IoT) systemsLiaise with the business continuity management (BCM) team to validate security practices for BCM testing and operations when a failover occursOther projects or duties as assigned
Security Architect Requirements:
Bachelor's degree in computer science, information systems, cybersecurity or a related field; master's degree preferred8+ years direct, hands-on experience or strong working knowledge of:
Managing security infrastructure (e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology)Reviewing application code for security vulnerabilitiesVulnerability management toolsMethodologies to conduct threat-modeling exercises on new applications and services.
Full-stack knowledge of IT infrastructure:
ApplicationsDatabasesOperating systems - Windows, Unix and LinuxHypervisorsIP networks - WAN and LANStorage networks - Fibre Channel, iSCSI and NASBackup networks and media
Direct experience designing IAM technologies and services:
Active DirectoryLightweight Directory Access Protocol (LDAP)Azure Active Directory
Strong working knowledge of IT service management (e.g., ITIL-related disciplines):
Change managementConfiguration managementAsset managementIncident managementProblem management
Experience designing the deployment of applications and infrastructure into public cloud servicesStrategic planning skills; must interpret business, technology and threat drivers and develop practical security roadmaps to deal with these driversCommunication skills; translate complex security-related matters into business terms that are readily understood by colleaguesExperience presenting analyses in person and in written formats.Ability to quantify purchasing and licensing options, estimate labor costs for a given service or technology, and estimate the total cost of operation (TCO), the ROI or the payback period for services or technologies replacing existing capabilitiesSolid project management skillsExperience drafting project plans for security service and technology deployments and coordinate with stakeholders across the organization
Thank you,
Josh NovekoffRecruiting LeadLaSalle Network
#LI-DNP
LaSalle Network is an Equal Opportunity Employer m/f/d/v.
LaSalle Network is the leading provider of direct hire and temporary staffing services. For over two decades, LaSalle has helped organizations hire faster and connect top talent with opportunities, from entry-level positions to the C-suite. With units specializing in Accounting and Finance, Administrative, Marketing, Technology, Supply chain, Healthcare Revenue Cycle, Call Center, Human Resources and Executive Search. LaSalle offers staffing and recruiting solutions to companies of all sizes and across all industries.
LaSalle Network is the premier staffing and recruiting firm, earning over 100 culture, revenue and industry-based awards from major publications and having its company experts regularly contribute insights on retention strategies, hiring trends and hiring challenges, and more to national news outlets. LaSalle Network offers temporary Field Employees benefit plans including medical, dental and vision coverage. Family Medical Leave, Worker's compensation, Paid Leave and Sick Leave are also provided. View a full list of our benefits here
Enterprise Security Architect,
who will play an integral role in defining and assessing the organization's security strategy, architecture and practices. The
Enterprise Security Architect
will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.
Security Architect Responsibilities:
Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat driversDevelop security strategy plans and roadmaps based on sound enterprise architecture practicesDevelop and maintain security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operationsTrack developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifactsParticipate in application and infrastructure projects to provide security-planning adviceDetermine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, identity and access management (IAM) and endpoint protectionConduct or facilitate threat modeling of services and applications that tie to the risk and data associated with the service or applicationCoordinate with the privacy officer or office to document data flows of sensitive information in the organization (e.g., PII or ePHI) and recommend controls to ensure that this data is adequately secured (e.g., encryption and tokenization)Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicableLiaise with the vendor management (VM) team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data:
Software as a service (SaaS) providersPlatform as a service (PaaS) providersCloud/infrastructure as a service (IaaS) providersManaged service providers (MSPs)
Evaluate the statements of work (SOWs) for these providers to ensure that adequate security protections are in placeAssess the providers' SSAE 16 SOC 1 and SOC 2 audit reports (or alternative sources) for security-related deficiencies and required "user controls" and report any findings to the CISO and vendor management teamsReview security technologies, tools and services, and make recommendations to the broader security team for their use, based on security, financial and operational metricsCoordinate with operational and facility management teams to assess the security of operational technology (OT) and Internet of Things (IoT) systemsLiaise with the business continuity management (BCM) team to validate security practices for BCM testing and operations when a failover occursOther projects or duties as assigned
Security Architect Requirements:
Bachelor's degree in computer science, information systems, cybersecurity or a related field; master's degree preferred8+ years direct, hands-on experience or strong working knowledge of:
Managing security infrastructure (e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology)Reviewing application code for security vulnerabilitiesVulnerability management toolsMethodologies to conduct threat-modeling exercises on new applications and services.
Full-stack knowledge of IT infrastructure:
ApplicationsDatabasesOperating systems - Windows, Unix and LinuxHypervisorsIP networks - WAN and LANStorage networks - Fibre Channel, iSCSI and NASBackup networks and media
Direct experience designing IAM technologies and services:
Active DirectoryLightweight Directory Access Protocol (LDAP)Azure Active Directory
Strong working knowledge of IT service management (e.g., ITIL-related disciplines):
Change managementConfiguration managementAsset managementIncident managementProblem management
Experience designing the deployment of applications and infrastructure into public cloud servicesStrategic planning skills; must interpret business, technology and threat drivers and develop practical security roadmaps to deal with these driversCommunication skills; translate complex security-related matters into business terms that are readily understood by colleaguesExperience presenting analyses in person and in written formats.Ability to quantify purchasing and licensing options, estimate labor costs for a given service or technology, and estimate the total cost of operation (TCO), the ROI or the payback period for services or technologies replacing existing capabilitiesSolid project management skillsExperience drafting project plans for security service and technology deployments and coordinate with stakeholders across the organization
Thank you,
Josh NovekoffRecruiting LeadLaSalle Network
#LI-DNP
LaSalle Network is an Equal Opportunity Employer m/f/d/v.
LaSalle Network is the leading provider of direct hire and temporary staffing services. For over two decades, LaSalle has helped organizations hire faster and connect top talent with opportunities, from entry-level positions to the C-suite. With units specializing in Accounting and Finance, Administrative, Marketing, Technology, Supply chain, Healthcare Revenue Cycle, Call Center, Human Resources and Executive Search. LaSalle offers staffing and recruiting solutions to companies of all sizes and across all industries.
LaSalle Network is the premier staffing and recruiting firm, earning over 100 culture, revenue and industry-based awards from major publications and having its company experts regularly contribute insights on retention strategies, hiring trends and hiring challenges, and more to national news outlets. LaSalle Network offers temporary Field Employees benefit plans including medical, dental and vision coverage. Family Medical Leave, Worker's compensation, Paid Leave and Sick Leave are also provided. View a full list of our benefits here