IT Security Architect
- Career Level
- Not Specified
The Security Architect is a senior role in the team responsible for the companys information security systems and tools used to preserve the confidentiality, integrity and availability of information resources and assets. The Security Architect is responsible for the design, development, and integration of enterprise-wide security architecture and technologies. This position will provide strategic security guidance for projects, applications security requirements and technical architecture for the companys information systems.
Essential Duties and Responsibilities:
Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.
- Designs and guides the implementation of efficient and cost-effective enterprise-wide security solutions that address regulatory requirements and align to company security standards and frameworks
- Develops and maintains documentation of security architecture design, policies, standards and operating procedures
- Ensures developed systems and architectures are consistent with organizations cyber security architecture guidelines
- Defines and documents how the implementation of a new system or new interfaces to existing systems impact current security posture and propose mitigations to reduce the impact
- Collaborates with peer architects, system admins, and application development teams to provide secure solutions to complex problems
- Designs public key infrastructure (PKI), including the use of certification authorities (CAs) and digital signatures
- Monitors the evolving security landscape and regulations to measure the impact to the companys current security posture.
- Performs security reviews, identifies gaps in security architecture and develops a security risk management plan
- Assists with managing remediation plans for any security gaps reported in audits or recommended process improvements.
- Monitors and advises on information security issues related to the systems and workflow to ensure the internal security controls for the company are appropriate and operating as intended
- Prepare system security reports by collecting, analyzing and summarizing data and trends and presents report to management
- Proposes new technologies or procedures that could be used to advance the ability to detect and mitigate malicious activity
- Leads security projects from inception to creation of guidelines used to deploy security components into production
- Performs periodic firewall rule set reviews for rule effectiveness
- Provides technical guidance and supervision to security administrators and security analysts
- Participates in Incident Response as a technical lead
- Performs, leads or assists vulnerability testing, risk analyses and security assessments
- Participates in Disaster Recovery and Business Continuity planning and testing
- Performs other related duties as assigned
Minimum Skills and Competencies:
The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- B.A or B. S. in Computer Sciences, Management Information Systems or related fields. Experience plus education and certifications may be considered in lieu of degree
- 8+ years of experience as a Security Analyst or similar role
- Demonstrated knowledge of HIPAA, PCI, SOX, ISO27000 and NIST Cybersecurity Frameworks
- Experience managing IDS/IPS, penetration and vulnerability testing
- DLP, anti-virus and anti-malware
- Working knowledge of TCP/IP, routing and switching (Cisco CCNA Security certification a strong plus)
- Demonstrated knowledge of firewall, load balancing and intrusion detection/prevention principles
- Demonstrated experience with Windows, UNIX and Linux operating systems
- Demonstrated experience with network protocols and packet analysis tools
- A strong ability to multi-task and manage varying priorities and projects
- Excellent interpersonal, verbal, and written communication skills with the ability to communicate security risk and compliance related concepts to a broad range of technical and non-technical staff
- The ability to provide support after normal business hours as needed
- Supplemental education or certifications (PMP, MS IS, MBA, CPA, etc.)
- Experience with enterprise security tools such as Tripwire Enterprise, Tripwire IP360, Nessus, BeyondTrust Retina, Qradar, Trustwave TrustKeeper, Proofpoint, McAfee ePO/HBSS
- Working knowledge of Cloud computing, SaaS models and Cloud Security Alliance (CSA) principles
- Industry relevant certifications such as CEH, CISSP, CISM, GSEC/GCIH/GCIA GIAC
- IT Security experience in a regulated environment to include one more of the following industries: Insurance, Financial Services, Pharmaceuticals
About National General Holdings:
National General Holdings Corp. is headquartered in New York City. National General traces its roots to 1939, has a financial strength rating of A (excellent) from A.M. Best, and provides personal and commercial automobile, homeowners, umbrella, recreational vehicle, motorcycle, supplemental health, and other niche insurance products. We are a specialty personal lines insurance holding company. Through our subsidiaries, we provide a variety of insurance products, including personal and commercial automobile, homeowners, umbrella, recreational vehicle, supplemental health, lender-placed and other niche insurance products.
National General is a fast paced, dynamic, and entrepreneurial organization. Our team members live by and exemplify what we call the 4Es. At National General, we are Energized, Engaged, Empowered, and we Execute every day in order to provide an exceptional experience for our customers! We are passionate about our organization and the value that we add every day. A successful candidate with National General will embody the 4Es. Our team is poised to outperform the competition. We are National General Insurance and with us you can be extraordinary! Come join our team!
Companies and Partners
Direct General Auto & Life, Personal Express Insurance, Century-National Insurance, ABC Insurance Agencies, NatGen Preferred, NatGen Premier, Seattle Specialty, National General Lender Services, ARS, RAC Insurance Partners, Mountain Valley Indemnity, New Jersey Skylands, Adirondack Insurance Exchange, VelaPoint, Quotit, HealthCompare, AHCP, NHIC, Healthcare Solutions Team, North Star Marketing, Euro Accident.
In addition to a phenomenal career opportunity, National General Insurance offers an excellent benefits package including:
Medical, Dental, Vision benefits
Life and Short/Long Term Disability Insurance
401k w/ Company Match
Company Paid Holidays & Generous Time-off policy
Employee Discount Program
Career Advancement and Development Opportunities
On-site Healthcare Clinic (Winston-Salem and Cleveland offices)
On-site Fitness Center (Cleveland and Dallas offices)
Subsidized parking (Cleveland office)
National General Holdings Corp. is an Equal Opportunity (EO) employer Veterans/Disabled and other protected categories. All qualified applicants will receive consideration for employment regardless of any characteristic protected by law. Candidates must possess authorization to work in the United States, as it is not our practice to sponsor individuals for work visas.