Enterprise Security Architect


Lincoln, NE Cybersecurity
Plan an integral role in defining and assessing the organization's security strategy, architecture, and practices.

At Ameritas, fulfilling life is what we do daily. We continuously strive to help our customers and employees enjoy life at its very best by reducing uncertainty, helping grow assets and protecting what is most cherished. We're here to help people put worry behind and the future ahead and help enable a life that's rich in family, happiness, health and financial security. When lives are fulfilled, our mission is fulfilled.

Ameritas Life Insurance Corp is seeking a Security Architect to drive the business by playing an integral role in defining and assessing the organization's security strategy, architecture and practices. The security architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.

Essential Job Functions

* Develop and maintain a security architecture process that enables Ameritas to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers.
* Develop security strategy plans and roadmaps based on sound enterprise architecture practices.
* Develop and maintain security architecture artifacts (models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations.
* Track developments and changes in the digital business and threat environments to ensure that these are adequately addressed in security strategy plans and architecture artifacts.
* Participate in application and infrastructure projects to provide security planning advice.
* Draft security procedures and standards to be reviewed and approved by executive management and/or formally authorized by the CISO
* Determine baseline security configuration standards for operating systems (e.g., operating system hardening), network segmentation, and identity and access management (IAM).
* Develop standards and practices for data encryption and tokenization within the organization based on the organization's data classification criteria.
* Conduct threat modeling of services and applications that tie to the risk and data associated with the service or application.
* Conduct security assessments of internal systems, applications and IT infrastructure as part of the overall risk management practice of the organization.
* Consult vulnerability assessments and other security reviews of systems, and prioritize remediation based on the risk profile of the asset and guidance from the CISO or other executive management.
* Assist Enterprise Security in the review and assessment of security and infrastructure logs for indicators of compromise (IOCs) or other anomalous behavior within networks, applications or user profiles.
* Ensure that a complete, accurate and valid inventory of all systems, infrastructure and applications is conducted that should be logged by the security information and event management (SIEM) or log management tool.
* Establish a taxonomy of indicators of compromise (IOCs) and share this detail with other security colleagues, including the security operations center (SOC), information security managers and analysts, and counterparts within the network operations center (NOC).
* With guidance from the CISO, and in conjunction with SOC colleagues, establish procedures -- including escalations -- for when IOCs are discovered.
* Conduct code reviews of applications to determine security flaws or other issues that would impact the confidentiality, integrity or availability of the system.
* Coordinate with DevOps teams to advocate secure coding practices and escalate concerns related to poor coding practices to the CISO
* Coordinate with the privacy officer to document data flows of sensitive information within the organization (e.g., PII or ePHI) and recommend controls to ensure this data is adequately secured (e.g., encryption, tokenization, etc.).
* Validate IT infrastructure and other reference architectures for security best practices, and recommend changes to enhance security and reduce risk where applicable.
* Validate security configurations and access to security infrastructure tools, including firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), anti-malware/endpoint protection systems, etc.
* Review network segmentation to ensure least privilege for network access.
* Consult on reviews of the change management function for security rulesets for the organization's firewalls.
* Validate that security and other critical patches to firmware and operating systems are configured and deployed in a timely fashion.
* Liaise with technology due diligence process owners and vendor management team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property, PII, ePHI, regulated or other protected data, including:

* SaaS providers
* Cloud/infrastructure as a service (IaaS) providers
* Managed service providers

Evaluate the statements of work from these providers to ensure that adequate security protections are in place. Assess the providers' SSAE 16 SOC 1 and SOC 2 audit reports (or alternative sources) for security-related deficiencies and required "user controls," and report any findings to the CISO and vendor management teams.

* Liaise with the internal audit (IA) team to review and evaluate the design and operational effectiveness of security-related controls.
* Support the testing and validation of internal security controls as directed by the CISO or Infrastructure team.
* Review security technologies, tools and services, and make recommendations to the broader security team for their use based on security, financial and operational metrics.
* Conduct incident response exercises with colleagues throughout the organization and incorporate lessons-learned into existing security architectures and practices.
* Conduct forensic analysis of security-related incidents as needed
* Liaise with the business continuity management team to validate security practices for both disaster recovery planning (DRP) and business continuity management (BCM) testing and operations when a failover occurs.


* Bachelor's degree in computer science, information systems, cybersecurity or a related field required, or equivalent amount of education and experience.
* Master's degree in relevant field desired.
* Experience and knowledge in a combination of the following areas required:

* Payment Card Industry's Data Security Standard (PCI-DSS)
* Health Insurance Portability and Accountability Act (HIPAA)
* Sarbanes-Oxley Act
* General Data Protection Regulation (GDPR)
* Privacy Principles (best practices)
* International Organization for Standardization (ISO) 27001/2
* National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)
* Cloud security experience is a plus
* Strong working knowledge of IT service management
* Direct, hands-on experience managing security infrastructure such as firewalls, IPSs, WAFs, endpoint protection, SIEM and log management technology
* Verifiable experience reviewing application code for security vulnerabilities
* Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services

We are Ameritas: proud to say we're in the business of fulfilling life.

Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled

Job ID: 2524

Posted 4 months ago

Share This Job