Information Security Architect
Westfield Insurance · Westfield Center, OH · 2 wk ago
HybridInformation TechnologyFull-time
What You’ll Do
- Develop and implement security architecture strategies and roadmaps aligned with business goals, regulatory requirements, and industry best practices.
- Collaborate with Enterprise Architects and engineering teams to embed security-by-design into application, infrastructure, cloud, and AI initiatives.
- Perform threat modeling on new and existing systems, identifying risks and designing pragmatic, effective security controls.
- Define security requirements for business application implementations and major technology changes across the enterprise.
- Architect and validate enterprise security controls including network security, IAM, encryption, monitoring, and cloud-native security services.
- Conduct security architecture reviews and risk assessments, identifying gaps and recommending mitigation strategies.
- Evaluate and apply emerging security technologies to strengthen the organization’s security posture.
- Partner with cross-functional teams to ensure consistent security frameworks, standards, and reference architectures.
- Create and maintain core security architectural artifacts including threat models, security solution diagrams, data flow diagrams, security control mappings, reference patterns, and system security plans to guide consistent and secure solution delivery.
Qualifications
- Technical background: 10+ years of experience in information security, architecture, or a closely related technical discipline.
- Education: Bachelor’s degree in Computer Science, IT, or related field, or equivalent experience. Master’s degree preferred.
- Experience: Experience may include network security and segmentation, identity and access management and privileged access design, cloud security architecture (Azure preferred or AWS), AI and machine learning security practices, application and API security, data protection, encryption, tokenization, and key management, container and Kubernetes security, zero trust architecture patterns, security monitoring, detection engineering, and incident response, vulnerability and risk management, security automation, DevSecOps, and CI/CD pipeline security.
Behavioral Competencies
- Directs work
- Collaborates
- Develops talent
- Customer focus
- Communicates effectively
- Ensures accountability
- Decision quality
- Business insight
- Nimble learning
- Builds effective teams
- Manages complexity