Lead security architect

About Northern Trust:

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the world's most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world's most sophisticated clients using leading technology and exceptional service.

Title: Lead Security Architect

Description

• Serve as subject matter expert in Application Security Architecture space
• Partner with Application teams and provide consultation that can help secure their CI/CD implementation
• As an SME in DevSecOps space, provide security architecture guidance in selection of appropriate tools
• Provide security guidance that can help accelerate the application migrations to cloud
• Partner with application teams to ensure 'secure by design' principles are followed as they modernize their applications
• Carries out complex initiatives involving multiple disciplines and/or ambiguous projects
• Evaluates and selects from existing and emerging technologies those options best fitting business/project needs
• Promotes sharing of expertise through consulting, presentations, and documentations, etc.
• Thoroughly understands decision process issues of technology choice, such as design, data security, client server communication, etc.
• Experienced, functional expert with technical and/or business knowledge and functional expertise
• Guides the development, specification and communication of application or infrastructure architectures used by multiple business or application systems.

Qualifications

• Bachelor's degree and experience in information security, or an equivalent combination of education and work experience.
• Excellent consultative and communication skills, and the ability to work effectively with client, partner, and IT management and staff.
• Six years of industry experience with the combination of main stream Information Security role and application development is preferred
• CISSP, CISM, or Security+ certification preferred
• Strong collaboration skills and analytical ability
• Deep knowledge of application or infrastructure systems architecture, usually having experience with multiple system technologies.

Requirements/Responsibilities -

• Experience related to application development and DevOps
• Very good understanding of CI/CD pipeline and secure application development methodologies
• Experience with security tools related to DevSecOps- SAST, DAST, IAST
• In-depth knowledge of various cybersecurity frameworks, standards, and SSDLC
• Experience related to vulnerability management is big plus
• Must have very good understanding related to OWASP top vulnerabilities and knowledge related to MITRE framework
• Knowledge related to WAF, App Proxy, and CDN
• Very good understanding of zero-trust architecture and working experience with relevant tools/technologies
• Good understanding related to IPS/IDS, Network load balancer, firewalls, Z-Scaler, and networking technologies
• Knowledge related AI/ML, DevSecOps, CI/CD Pipeline, IaC, and relevant tools
• Experience in dealing with threat vectors and develop relevant plans to protect the organization from cyber threats
• Lead the security architecture reviews and provide analysis with the observations and findings
• Experience in providing security consultation to application teams
• Knowledge of network architecture concepts including topology, protocols, and components
• Understanding related to SEIM and experience related to Microsoft Defender, Entra, KQL, APIM, endpoint protection, scripting, CoPilot
• Knowledge related to Privilege access management, Threat hunting, data protection, encryption, Authentication/Authorization, Vulnerability management systems, Cloud Security Posture Management.
• Very good understanding of concepts related to docker, container, serverless computing, and Kubernetes
• Must be able to represent the security architecture team in technical discussions and drive towards deliverables with minimal guidance

Salary Range:

$99,600 - 169,200 USD

Salary range is a good faith estimate of base pay. Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits. Northern Trust also provides a discretionary bonus program that may include an equity component.

Working with Us:

As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.

We'd love to learn more about how your interests and experience could be a fit with one of the world's most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at [email protected] .

We hope you're excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.