Security Review Architect (Remote) - Contract Position

Overview

Security Review Architect will serve as a key technical resource in Global Cyber and Information Security (GCIS) organization.

This role will be responsible for reviewing and managing internal requests for security architecture reviews / security risk assessments.

The reviews and risk assessments should align to, or provide alternatives for, our current state frameworks, design patterns, standards, reference architectures, best practices and requested technical specifications.

This role will make determinations on request priorities based on a standard set of criteria. The role will need to work closely with other Information Security colleagues, IT & Infrastructure organizations and Business teams globally to provide the security architecture reviews and risk assessments.

Requests and all related security architecture response documents should be organized and managed in directed locations.

This role will communicate the completed reviews with requestors in order to recommend and influence cyber security objectives.

Please note additional position details below : This is a Temp-To-Hire, W-2 position. We are not able to do 1099 or C2C.

It is a fully remote role that will need to be based in the or Canada You must meet our Eligibility requirements for work authorization as stated below.

How you'll make an impact Work with the Cyber Architecture Manager to further develop and refine the security architecture review process.

Document and create any processes, frameworks, templates or communications to mature the security architecture review process.

Keep the intake and review process organized and requestors informed of status. Develop / refine / request automated tooling necessary to best accommodate the process.

Align with internal teams such as Enterprise Architecture, 3rd Party Risk Management, Mergers & Acquisitions, Cloud Architecture and Engineering, Network, Infrastructure and Security Engineering on the request process to streamline and provide consistency and smooth transitions.

Refer to and make recommendations to further define and mature Information Security architectural standards, artifacts, design patterns and technical specification documents utilizing feedback from existing reviews.

Determine if / when / how requests should include security engineers and onboard and collaborate using existing processes.

Delineate and define reviews / review process for alternative geo locations (non-US) as needed and collaborate with global partners to provide consistency in responses.

Collaborate with risk and compliance / policy teams to align, create or improve upon risk frameworks, standards or policies in relation to the security reviews.

Provide feedback to recommend improvements to the global security architecture in order to improve security posture, mitigate risks and balance costs.

Proactively identify technical and architectural risks as part of the review process creating review documents that comment on, and provide alternatives for, solutions that align to standards.

Participate at the request of architectural leadership on assigned forums, collaborate, and provide appropriate thought leadership and expertise in cyber security architecture.

About You Required : Bachelor's degree or equivalent work experience in Computer Science or related field Minimum 2+ years of cybersecurity and / or risk mitigation experience Minimum 2+ years of experience in a reviewer or documenter role for detailed technology solutions and environments Exposure to, or experience with, creating or evaluating solution architectures, code, models and vendor documents with ability to understand and articulate patterns and cyber security risks to business and technical teams Exposure to or experienced with insurance and risk management domains Experienced and developed collaboration, elicitation and documentation skills Proven success communicating and recommending cyber security architecture best practices and standards for custom and / or SaaS security solutions and services.

Highly organized with attention to detail, responsiveness and pro-active in keeping inventories updated Knowledge and experience in enterprise architecture frameworks such as TOGAF Knowledge and experience with security standards frameworks (NIST - CSF, ISO 27001, CSA CCM, PCI-DSS, GDPR) Preferred : At least one certification related to information security such as;

CISSP, CCSP, TOGAF Security Strong knowledge of cloud (IaaS, PaaS and SaaS) offerings Experience working with security tools and concepts such as firewalls, end point protection, MFA and data protection Demonstrated working experience in a regulated and globally distributed environment Key Characteristics : Strong communications skills - oral and written Self-starter with strong work ethic Flexible and resilient, handle various demands planned and unplanned Proven ability to handle multiple tasks and projects simultaneously Problem solver and desire to close issues, pragmatic and realistic with solutions Resilient and collaborative, motivated to pro-actively influence partners to successful security safe resolutions #contingent Compensation and benefits On top of a competitive salary, great teams and exciting career opportunities, we also offer a wide range of benefits.

Below are the minimum core benefits you’ll get, depending on your job level these benefits may improve : Medical / dental / vision plans, which start from day one! Life and accident insurance 401(K) and Roth options Tax-advantaged accounts (HSA, FSA) Educational expense reimbursement Paid parental leave Other benefits include : Digital mental health services (Talkspace) Flexible work hours (availability varies by office and job function) Training programs Gallagher Thrive program elevating your health through challenges, workshops and digital fitness programs for your overall wellbeing Charitable matching gift program And more...