Westfield Insurance · 2 months ago
Information Security Lead Architect
Westfield Insurance is seeking an Information Security Lead Architect who will be responsible for leading the design and implementation of enterprise-wide cybersecurity architecture solutions. This role involves assessing security risks, defining technical requirements, and developing strategies to mitigate vulnerabilities while providing guidance and mentorship to security teams.
Insurance
Responsibilities
Develops and contributes to the implementation of the information security architecture strategy and roadmap, aligning it with business objectives, regulatory requirements, and industry best practices
Provides guidance to the security team, overseeing the design and integration of security solutions
Works with business units, IT teams, executive leadership, and vendors to communicate security risks and strategies
Recommends and implements new security technologies and tools
Defines and enforces security standards and frameworks
Collaborates with enterprise architects to integrate security controls into IT architecture
Develops and promotes security architecture processes and templates
Conducts security architecture reviews and risk assessments, identifying potential vulnerabilities, weaknesses, and gaps in existing systems and proposing effective solutions to mitigate risks
Serves as a mentor to junior security architects and team members
Participates in security forums and conferences
Provides technical leadership and guidance to the information security team and other stakeholders, overseeing the design, implementation, and integration of security solutions across the organization
Ensures collaboration of business units, IT teams, and vendors to assess security requirements, evaluate solution options, and architect secure systems and applications that meet business needs while maintaining a strong security posture
Defines and enforces information security standards, frameworks, and reference architectures, ensuring consistent and standardized security practices across all technology domains and projects
Oversees the conduct of security architecture reviews and risk assessments, identifying potential vulnerabilities, weaknesses, and gaps in existing systems and proposing effective solutions to mitigate risks
Oversees the design and implementation of security controls, such as firewalls, intrusion detection/prevention systems, encryption mechanisms, and secure network architectures, to protect the organization's assets and data
Collaborates with enterprise architects and IT stakeholders to integrate security controls and requirements into overall IT architecture frameworks, ensuring the security-by-design principle is followed throughout the development and implementation lifecycle
Provides subject matter expertise in security technologies and solutions, evaluating emerging security trends and products, and making recommendations for the adoption of new technologies to enhance the organization's security posture
Participates in security incident response and investigation activities, coordinating with internal teams and external entities to effectively respond to and mitigate security incidents, and providing guidance on post-incident remediation actions
Qualifications
Required
10+ years of experience in Information Security or related field
Bachelor's degree in Computer Science, Information Technology or a related field and/or commensurate experience
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Azure Solutions Architect
AWS Certified Solutions Architect
TOGAF
Other relevant certifications
Preferred
Expertise in security practices and tools designed to protect containerized applications, including container image scanning, runtime protection, least-privilege configurations, and native container security measures
Experience in the design, implementation, and ongoing reviews of security controls for one or more public cloud providers (e.g., Azure, AWS)
Skills in the design, assessment, and implementation of encryption security controls, including protections against emerging quantum computing threats
Proficiency in assessing overall network security posture and vulnerabilities, and designing and implementing network security controls (e.g., Firewalls, IPS, ZTNA)
Background in application security and the software development lifecycle
Familiarity with the NIST Cybersecurity Framework
Knowledge of ISO/IEC 27001 standards
Understanding of the SABSA framework
Awareness of GDPR (General Data Protection Regulation) requirements
Knowledge of New York Department of Financial Services (DFS) cybersecurity regulations
Understanding of the California Consumer Privacy Act (CCPA)
Company
Westfield Insurance
Founded in 1848, Westfield is a global leader in property and casualty insurance, delivering superior risk insights and innovative solutions to customers through a diverse portfolio of insurance products.