What are the responsibilities and job description for the Security Solution Architect position at Sammons Financial Group Companies?
What You Can Expect In This Role
The Security Solution Architect (SSA) is tasked with defining and assessing the organization's security strategy and architecture. This position involves collaboration with both business and technology departments to effectively translate business objectives and risk management requirements into robust security processes and technologies. Under the supervision of the Principal Security Architect, the SSA is responsible for obtaining approvals from the Architecture Review Board and may also lead technical initiatives for complex security projects.
What You'll Do In This Role
- Governance and Strategic Leadership:
  - Aligns Information Security outcomes with strategic business goals through architectural vision.
  - Participates in the Architecture Review Board to ensure effective solution design and implementation.
  - Contributes to the strategic roadmap for business and IT initiatives.
  - Develops security procedures and standards for approval by the Chief Information Security Officer (CISO).
  - Monitors changes in the digital landscape and threat environments to inform security strategies.
  - Creates and maintains security architecture artifacts to enhance project and operational security.
- Secure Configuration and Infrastructure Management:
  - Collaborates with IT Solution Architects to integrate security into all solutions and establish a regular schedule for maintaining a secure baseline.
  - Develops baseline security configuration standards for operating systems (such as operating system hardening), network segmentation, and identity and access management (IAM).
  - Assesses IT infrastructure and other reference architectures to ensure they adhere to best practices, recommending enhancements to improve security and reduce risks as needed.
  - Verifies security configurations and access to security infrastructure tools, including firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), and anti-malware/endpoint protection systems.
- Security Assessment and Risk Management:
  - Facilitates or conducts threat modeling for services and applications to evaluate the associated risks and data.
  - Ensures a comprehensive, accurate, and valid inventory of all systems, infrastructure, and applications is created and reconciled with the security information and event management (SIEM) tool or log management system.
- Data Security and Privacy:
  - Collaborates with compliance and privacy officers to identify sensitive data within the organization (e.g., PII or ePHI) and recommends controls to ensure that this data is appropriately protected.
  - Analyzes network topology to guarantee the least privilege for network access.
- Collaboration and Best Practices:
  - Collaborates with other architects and security professionals to exchange best practices and insights.
- Security Tools and Operational Support:
  - Monitors, documents, and communicates security-related activities, including models, templates, standards, and procedures that enhance security capabilities in projects and operations.
  - May collaborate with peers to troubleshoot and resolve any systems impacted by security breaches.
- Organization:
  - Commitment to embrace the shared values of Sammons Financial Group Companies: Accountability, Connection, Openness, Respect, and Integrity.
  - Regular attendance is necessary to meet business service levels and workflow demands, as outlined in the Company's Attendance and Punctuality Policy.
  - Join other initiatives or projects as needed.
What We're Looking For
- Skilled in consultative and collaborative methods that align security strategies with business objectives, guiding security teams, effectively communicating technical concepts, and resolving complex security issues.
- Experienced in leading security initiatives, maintaining integrity in handling sensitive data, and demonstrating leadership by enforcing security policies.
- Demonstrated work experience in financial services, particularly in life insurance, annuities, and banking.
- Extensive experience in supporting and securing cloud service providers, including Amazon Web Services (AWS) and Microsoft Azure. Supported technologies encompass Defender for Cloud, Defender for Cloud Apps, GuardDuty, CloudTrail, Security Hub, Cloud Workload Protection Platform (CWPP), Cloud Security Posture Management (CSPM), and SaaS Security Posture Management (SSPM).
- Preferred experience supporting and securing data cloud providers, such as Snowflake, Salesforce, Confluent, and Databricks. Supported technologies include Azure Data Lake Storage (ADLS), Microsoft Fabric, AWS Data Lake, Informatica, Data Build Tool (DBT) and BigEye.
- Experienced in working collaboratively within high-performance development teams using agile methodologies and modern DevSecOps practices.
- Strong understanding of classical on-premises databases such as Microsoft SQL Server, MongoDB, Operational Data Stores (ODS), Data Marts, and Data Warehouses supporting financial services applications.
- Preferred security certifications include CISSP, CCSP, GWEB, GSEC, and CCSK.
- Experience in using architectural methodologies such as SABSA, Zachman, and TOGAF.
- A minimum of ten years of experience in Information Technology, with a focus on security.
- Two years of experience in a Security Architect or Engineer role is required.
- Extensive experience in information security, compliance, assurance, and various security standards, methodologies, and principles.
- Demonstrated experience and a solid understanding of methods for conducting threat modeling exercises on new applications and services.
- Experience in applying cybersecurity and privacy principles and adhering to organizational requirements.
- Background in developing targeted cybersecurity strategies to mitigate risks for systems and applications.
- Skilled in identifying, assessing, and recommending cybersecurity products for implementation within systems, ensuring compliance with the organization's evaluation and validation requirements.
- Ability to operate effectively within a complex technology platform ecosystem managed by internal resources and vendor partners.
- Criminal background check required.
- Sammons Financial Group offers a competitive benefit package that includes: Health, Dental, Vision, Company Paid Retirement, PTO and Holiday Pay.
- Our Employee Stock Ownership Plan (ESOP) is a 100% company-funded retirement plan, so you can save for retirement without contributing a penny of your own paycheck.
- Healthy balance between work and personal lives. Friday afternoons off all year long, competitive PTO, and generous number of paid holidays.
- Our incentive program for defined goals subject to eligibility and performance. Monetary rewards are based on individual and/or overall company performance.
- Colleagues who support one another, model our core values, and drive our healthy, high-performing culture.
USD $101,857.00 - USD $212,203.00 /Yr. Range includes data points from multiple labor markets. Specific range is dependent on the labor market where the incumbent will be hired to perform the position. Starting salary is dependent on candidate qualifications and experience. For a narrower salary range specific to your labor market, please inquire.
Work Authorization/Sponsorship
At this time, we’re not considering candidates who need any type of immigration sponsorship now or in the future, or those needing work authorization for this role. (This includes, but is not limited to, students on F1-OPT, F1-CPT, J-1, etc.)
Salary: $101,857 - $212,203