Logo of Huzzle

Home

Matches

Explore

Manage

Principal, Security Architect - Threat Modeling

image

Northern Trust Corporation

Aug 13, 2024

  • Job
    Full-time
    Senior Level
  • Quick Apply

AI generated summary

  • You need a bachelor's in computer science, 5 years in InfoSec, threat modeling expertise, cloud experience, strong communication, and knowledge of cybersecurity frameworks, tools, and AI/ML.
  • You will guide architecture development, consult on cybersecurity for cloud projects, lead security initiatives, evaluate technologies, and enhance team collaboration and communication.

Requirements

  • - Bachelor's degree in computer science or a related discipline and experience in information security, or an equivalent combination of education and work experience.
  • - Deep knowledge of application or infrastructure systems architecture, usually having experience with multiple system technologies.
  • - Excellent consultative and communication skills, and the ability to work effectively with client, partner, and IT management and staff.
  • - Five years of experience in the Information Security role. Three years of experience with cloud and/or technologies
  • - CISSP, CSSP, or Cloud security certification preferred
  • - Strong collaboration skills and a analytical ability
  • - Good understanding of various cybersecurity frameworks, standards, and SSDLC
  • - In-depth knowledge related to threats modeling and relevant frameworks. Hands-on experience with threat modeling process and tools
  • - Design and implement security controls to protect against identified threats and vulnerabilities.
  • - Experience working with tools related to Threat hunting, data protection, Security Posture Management, and Attack surface management.
  • - Ability to establish security patterns related to cloud/ hybrid architecture and work with various tech teams to assist with the implementation as needed
  • - Knowledge related to WAF, App Proxy, and CDN
  • - Hands on experience with various operating systems including Windows, Linux, Unix, and MAC
  • - Experience working with Microsoft Azure/M365, AWS, hybrid, and multi-cloud systems.
  • - Hands on experience working with IPS/IDS, Network load balancer, firewalls, and networking technologies.
  • - Knowledge related AI/ML, DevSecOps, CI/CD Pipeline, IaC, and relevant tools
  • - Very good understanding of concepts related to docker, container, serverless computing, and Kubernetes.
  • - Experience working with teams that handle infrastructure components including Storage systems, directory services, and virtualization.
  • - Past experience in SAST, DAST, open source scanning and penetration testing is preferred.
  • - Past experience in software development in a mainstream language is preferred.
  • - Must be able to represent the team in technical discussions and drive towards deliverables with minimal guidance

Responsibilities

  • - Guides the development, specification and communication of application or infrastructure architectures used by multiple business or application systems.
  • - Provides extensive, in-depth, technical consultation to the clients, partners, and IT Management to develop plans and directions to assure the integration of corporate business area requirements.
  • - Acts as cybersecurity expert for cloud migration projects/programs.
  • - Leads various Security initiatives.
  • - Thoroughly understands decision process issues of technology choice, such as design, data security, client server communication, etc.
  • - Partner with Management in the building of new and on-going vendor relationships.
  • - Evaluates and selects from existing and emerging technologies those options best fitting business/project needs.
  • - Promotes sharing of expertise through consulting, presentations, and documentations, etc.
  • - Experienced, functional expert with technical and/or business knowledge and functional expertise.
  • - Carries out complex initiatives involving multiple disciplines and/or ambiguous projects.
  • - Displays a balanced, cross-functional perspective, liaising with the business to help improve efficiency, effectiveness, and productivity.
  • - Strategic in developing, implementing, and administering programs within functional areas.
  • - Provides guidance to team members, fostering an environment that encourages employee participation, teamwork, and communication.

FAQs

What qualifications are required for the Principal, Security Architect - Threat Modeling position?

A Bachelor's degree in computer science or a related discipline and experience in information security is required, or an equivalent combination of education and work experience. Additionally, candidates should have deep knowledge of application or infrastructure systems architecture and at least five years of experience in the Information Security role, including three years with cloud and/or technologies.

Are there any preferred certifications for this role?

Yes, CISSP, CSSP, or Cloud security certifications are preferred.

What type of experience is required regarding threat modeling?

Candidates should have in-depth knowledge related to threat modeling, relevant frameworks, and hands-on experience with the threat modeling process and tools.

Is experience with cloud technologies necessary for this role?

Yes, experience working with Microsoft Azure/M365, AWS, hybrid, and multi-cloud systems is required.

What is the importance of collaboration in this role?

Strong collaboration skills are essential, as the Principal Security Architect will need to work effectively with clients, partners, and IT management and assist various tech teams with security implementations.

Is there a focus on specific security tools?

Yes, candidates should have experience working with tools related to threat hunting, data protection, Security Posture Management, and Attack surface management.

What types of systems and technologies should candidates be familiar with?

Candidates should have hands-on experience with various operating systems (Windows, Linux, Unix, and MAC), as well as knowledge related to WAF, App Proxy, CDN, and networking technologies.

Is prior experience in development beneficial for this position?

Yes, past experience in SAST, DAST, open source scanning, and penetration testing is preferred, and experience in software development in a mainstream language is also beneficial.

How does Northern Trust support career growth?

Northern Trust encourages movement within the organization, offers a flexible and collaborative work culture, and provides opportunities for employees to build their careers and explore new ideas.

How can individuals with disabilities request accommodations during the application process?

Individuals needing reasonable accommodations can email the HR Service Center at MyHRHelp@ntrs.com for support during the employment process.

image

Northern Trust Corporation

Dynamic careers. Brighter futures. Greater possibilities.

Finance
Industry
10,001+
Employees
1889
Founded Year

Mission & Purpose

Northern Trust is a leading global financial services company that offers a comprehensive range of asset servicing, investment management, and banking solutions to individuals and institutions. With a strong emphasis on client-focused services, Northern Trust aims to build enduring partnerships with their clients by providing tailored solutions and exceptional customer experiences. Their expertise in asset management, wealth management, and asset servicing enables them to deliver innovative and reliable financial solutions that help clients grow, preserve, and manage their wealth effectively. As a trusted financial partner, Northern Trust's purpose is to empower their clients to achieve their financial goals and navigate the complexities of the global financial markets with confidence and peace of mind.