Principal, Security Architect - Data Protection
Northern Trust
- Madison, WI
- Permanent
- Full-time
2. Provides leadership and guidance to staff, fostering an environment that encourages employee participation, teamwork, and communication.
3. Contributes to the Data Protection team and communicates security gaps to senior management in Information Technology, Information Security, and Corporate Risk Management.
4. Layout strategy for the Data Protection program.
5. Interfaces frequently with information security industry groups to stay abreast of emerging security trends
6. Seasoned multi-disciplinary expert with extensive technical and / or business knowledge and functional expertise
7. Focus of role is on execution of strategic direction of business function activities
8. Carries out complex initiatives involving multiple disciplines and/or ambiguous issues
9. Displays a balanced, cross-functional perspective, liaising with the business to improve efficiency, effectiveness and productivity
10. Helps establish overall enterprise information security architecture (EISA) by aligning business processes, IT software and hardware, local and wide area networks, people, operations, and projects with the organization's overall security strategy
11. Evaluates proposals to determine if proposed security solutions effectively address enterprise requirements, as detailed in solicitation documents
12. Identifies alternative functional security strategies to address organizational IT security concerns
13. Interprets and/or approves security requirements relative to the capabilities of new information technologies
14. Leads and aligns IT security priorities with the organization's mission and vision
15. Manages the monitoring of external threat intelligence data sources to maintain enterprise situational awareness
16. Assists in monitoring and evaluating the effectiveness of the enterprise's information security safeguards to ensure they provide the intended level of protection
17. Helps provide technical documents, incident reports, findings from computer examinations, summaries, and other situational awareness information to appropriate senior managementKnowledge :
- Excellent oral and written communication skills are required
- Highly flexible and adaptable to change
- Extensive knowledge of information security management frameworks (i.e., ISO 2700X, NIST CSF, SANS Top 20 Critical Security Controls, etc.)
- Knowledge of information assurance principles, information security program management and project management principles and techniques
- Knowledge of RCSA and PRCI frameworks
- Experience in multi-cloud hybrid environments and modernization activities.
- Experience in a highly regulated environment, specific experience with FFIEC, OSFI, PCI-DSS, SOX preferred
- Knowledge of what constitutes a threat to a network and knowledge of incident response and handling methodologies
- Knowledge of network architecture concepts including topology, protocols, and components and network management principles, models, and tools
- Knowledge of network security architecture, including the application of Defense-In-Depth principles, Principle of Least Privilege and knowledge of network traffic analysis methods
- Knowledge of server and client operating systems
- Knowledge of system administration concepts for Unix/Linux and/or Windows operating systems
- Excellent analytical skills.
- Ability to communicate security and data governance related concepts to a broad range of technical and non-technical staff both verbally and in writing.
- Ability to manage multiple tasks simultaneously and meet established deadlines.
- Ability to collaborate with all IT teams on security-related incidents, tasks and projects.
- Ability to work productively while remote and communicate effectively in a virtual team environment.
- Ability to stay current with new technology. Extensive knowledge of protection solutions and technologies for Data Loss Prevention (DLP) Experience implementing and managing data loss prevention (DLP) solutions. Experience with DLP for Windows, Linux, Mac operating systems.
- Experience with DLP in multi -Cloud environments. Experience utilizing security and data governance best-practices to for DLP solutions. 8+ years Information Security experience.
- 4+ years of experience with technologies to support Agile &/or Scrum methodologies