Security Architect- AS BISO

About Northern Trust:

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.

Job Profile Summary
Expert responsible for developing and administering solutions that meet system expectations relative to scalability, performance, fault tolerance, usability, and data integrity for the Information Security Operations and Architecture function. This position will collaborate extensively with business, technology, risk and other corporate teams to establish and strengthen adoption of security by design. We operate within a complex landscape driven by client expectations and the diverse needs that comes with operating in countries across the globe.

This role is part of the Information Security organization, aligning to Business Information Security Officer (BISO) for Asset Servicing and Chief Operating Office. This role will report to the BISO who reports to the Global Chief Information Security Officer (CISO).

Responsibilities

Works with management and the architecture team to develop the security strategy and plan and ensures objectives are met. Provides leadership and guidance to staff, fostering an environment that encourages employee participation, teamwork, and communication. Participate in Architecture Review Boards and help teams create secure design. Evaluates proposals to determine if proposed security solutions effectively address enterprise requirements. Displays a balanced, cross-functional perspective, constantly liaising with the business to improve efficiency, effectiveness and productivity. Work with Enterprise Security Architecture team to develop Security blueprints and patterns. Good understanding of vulnerability management.  Interfaces frequently with information security industry groups to stay abreast of emerging security trends.  Focus of role is on execution of strategic direction of business function activities. Identifies alternative functional security strategies to balance organizational IT security concerns and business requirements.
 

Description:

• Guides the development, specification and communication of application or infrastructure architectures used by business or application systems.
• Security architect primarily focused on technologies related to authentication, authorization, access management, governance, controls, regulatory requirements etc. As a key member of Workforce authorization and authentication team this candidate will play a vital role in ensuring the secure and compliant implementation of various solutions (Hybrid and Cloud).
• Provides extensive, in-depth, technical consultation to the clients, partners, and IT Management to develop plans and directions to assure the integration of corporate business area requirements.
• Thoroughly understands decision process issues of technology choice, such as design, data security, client server communication, etc.
• Evaluates and selects from existing and emerging technologies those options best fitting business/project needs
• Promotes sharing of expertise through consulting, presentations, and documentations, etc.
• Experienced, functional expert with technical and/or business knowledge and functional expertise
• Carries out complex initiatives involving multiple disciplines and/or ambiguous projects
• Displays a balanced, cross-functional perspective, liaising with the business to help improve efficiency, effectiveness, and productivity

Qualifications:

• Knowledge of network architecture concepts including topology, protocols, components and the application of Defense-In-Depth principles

• Ten years of experience in the Information Security roles preferred; wide range of technical experience across multiple Cyber Security domains.  Five years of experience as a Security Architect

• In-depth knowledge and experience on Entra ID, EPM, Sentinel, Azure, M365, AWS Security is required
• Excellent communication skills with the ability to convey complex technical and non-technical concepts in verbal products & excellent writing skills
• Thoroughly understands and provides solutions considering Security technology choices, such as design, protocols support, secrets management, data security, client server communication, token handling, Session management, credential vaulting, OIDC/ OAuth flows, Okta usage and implementations, authorization patterns, identity federation, cloud architectures, cryptography, cloud native services, cloud security etc.
• Good understanding of Cloud Infrastructure Entitlement Management solution (CIEM) to ensure continuous improvement in Security Posture by providing consultations to application teams
• Exposure to API Management, Firewalls, DLP, VPNs, DNS, Azure Defender, MCAS, Sentinel, WAFs, Application Gateways, NSGs, App Proxy, Radius clusters, CDN etc.
• Deep understanding of Applications security, OWASP standards, security best practices, browser compatibilities/storages/cookies
• Displays a balanced, cross-functional perspective under information security, liaising with other towers and business to help improve Security centric designs
• Strong knowledge on Identities management on Azure AD with OAuth, OIDC, SAML, SSO, MFA, Conditional access policies, MFA, Kerberos, LDAP, Identity Federations etc.
• Strong knowledge of:
  • Security architecture patterns, requirements, and security controls;
  • Security controls like Authentication, Authorization, Data Security, IAM;
  • Threat modeling frameworks and methodologies
  • Secure code reviews and utilizing outputs
  • Common frameworks and standards such as CRI and NIST
  • Knowledge of penetration testing tools and techniques (e.g., metasploit, neosploit, etc.)

Working with Us:

As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.

Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.

We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater

Reasonable accommodation

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.

We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.

Apply today and talk to us about your flexible working requirements and together we can achieve greater.