[Hiring] Cyber Security Advisor @Assurant

Role Description

The Cyber Security Architect plays a pivotal role in protecting the organization's digital infrastructure and safeguarding critical assets. This position is responsible for developing and maintaining a robust security architecture, offering strategic guidance on cybersecurity matters, and ensuring alignment with business objectives and the security program. The role demands deep technical expertise, cross-functional collaboration, and the ability to influence and mentor stakeholders across the organization. The Security Architect/Advisor proactively assesses risks, drives the implementation of security solutions, and contributes to the continuous enhancement of the enterprise security posture.

Duties and Responsibilities

• Security Architecture Development and Maintenance:
  • Develop and maintain a security architecture process that enables the enterprise to implement security solutions aligned with business, technology, and threat drivers.
  • Create security strategy plans and roadmaps.
  • Maintain security architecture artifacts such as models, templates, standards, and procedures.
• Security Configuration and Validation:
  • Determine baseline security configuration standards for operating systems, network segmentation, and identity and access management (IAM).
  • Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks.
  • Validate security configurations and access to security infrastructure tools, including firewalls, WAFs, anti-malware/endpoint protection, application, infrastructure, and cloud security posture management systems.
• Security Assessment and Mitigation:
  • Assess the potential impact of cybersecurity risks on critical business processes and functions.
  • Perform security reviews to identify gaps and develop strategies for risk mitigation.
  • Follow all risk remediation protocols to ensure issues are mitigated, risks are accounted for, and exceptions are tracked in accordance with organizational frameworks, policies, and standards.
• Stakeholder Collaboration and Communication:
  • Collaborate with business leaders to balance security requirements with business agility, innovation, and growth.
  • Act as a subject matter expert (SME) between cybersecurity and business lines to develop security solutions in line with policies, standards, and frameworks.
  • Communicate business risk and risk mediation to stakeholders, ensuring alignment with agreed protection levels.
• Cross-Disciplinary Collaboration:
  • Work closely with other security disciplines such as Compliance, Vendor Risk, Engineering, Incident Management, Assurance, etc., on business security-related matters.
  • Constructively engage business partners regarding cybersecurity issues.

Qualifications

• 7+ years of experience in IT, Information Security, Compliance, Audit, or Risk.
• 5+ years of experience leading teams or projects.
• 5+ years of experience in an Information Security role.
• Minimum of one major cyber certification (CISSP, CEH, CISM, ISCP, CCFP, etc.).
• Familiarity with security frameworks and standards such as NIST CSF, ISO/IEC 27001, and others.
• Exceptional technical skills and understanding of IT infrastructure, applications, and governance.
• Strong written and verbal communication/collaboration skills.
• Ability to manage multiple complex priorities.

Requirements

• Bachelor's degree in Business, Computer Science, Engineering, or related discipline or equivalent experience.
• Appropriate certifications such as CISSP, CISM, CEH, OSCP.
• Excellent written and verbal communications.
• Understanding of security, compliance, audit, risk management, and business continuity.
• Experience with operating system internals, networks, applications, databases, cloud technologies, and AI solutions.
• Familiarity with legal, regulatory, and industry security requirements and frameworks.

Benefits

• Pay Range: $122,400.00 - $204,400.00.
• Any posted pay range considers a wide range of compensation factors, including candidate background, experience, and work location.