Job Description :

Must be onsite from day one 2 days a week.

Will need to go in to get equipment

Title: Security Architect

Location: Prudential Center (only accessible via T close to both orange/green line). 111 Huntington Ave, Boston. Remote position until the office starts to phase back - also all contractors moving forward must go onsite to be fingerprinted on their first day before returning home

Important Skills

    • Technical
    • Soft communication skills

Interview Process: 1 skype round- in person interview

Reports to: Senior Group Manager of Information Security

  • Knowledge of security solutions to be able to update and upgrade as needed, such as LogRythm, Tenable, HPSureClick, Tanium, RSA, CyberArk, Guardium, Varonis, and Websense/ForcePoint Data Leakage Prevention (DLP) and other security-related tools.

BASIC PURPOSE: The Security Architect is a subject matter expert in Information Security and is responsible for the design, implementation, and effective and efficient maintenance of related technologies. Additionally, this individual has broad and expert knowledge of Information Technology at large, with a firm understanding of related disciplines and how they interoperate. The Security Architect is responsible for leading design, implementation, and troubleshooting efforts and is directly accountable for the results. The Security Architect's deep and broad knowledge enables a holistic understanding of the technology environment.


  • Serves as key subject matter expert in the field of Information Security, maintaining a deep understanding of the field and its related technologies.
  • Proactively develops and maintains strong knowledge of the company's information systems and their related components, and makes recommendations to improve the reliability, scalability, performance, or security of these systems as appropriate.
  • This includes proactive performance tuning and capacity analysis to ensure the companyis maximizing its technology investment.
  • Leverages technology to automate manual tasks, and seeks to improve efficiency wherever practicable and appropriate.
  • Provides technical support to ensure the ongoing efficient and reliable operations of related information systems.
  • Provides the technical service function for security operations. Responsible for addressing technical level security service requests received by clients. Receives documents, solves, and communicates service resolution according to management's directives and applicable policies, procedures, and standards.
  • Performs work within security service levels and strives to improve service levels and maintain excellent client relationships.
  • Assists management in determining Information Security strategy and direction for the company and for selected technologies.
  • Advises IT management on information security issues, systems, processes, products, and services; defines requirements in support of budget plans and makes recommendations for ways to improve performance and reduce costs.
  • Develops, enforces and maintains the company's Information Security controls, procedures, and standards.
  • Responsible for understanding the internal and external technological tools/software used by the Information Security group to maintain compliance, assess threats and vulnerabilities, support remote and Internet access, and manage encryption.
  • Takes a leadership role in the management of these technological tools by understanding their purpose, application, and overall maintenance and administration.
  • Leads security risk assessments to methodically analyze information technology assets and processes, identifying risks from both a technical and business perspective, and recommending mitigation strategies to mitigate those risks to an acceptable level.
  • Works closely with Information Technology and business units to ensure that security controls are properly implemented across the environment, both during design and after deployment.
  • Prepares detailed and well-written documentation. Conducts security investigations according to documented procedures and management's directives.
  • Maintains confidentiality in these matters and works to ensure the confidentiality of other information which is encountered during the discharge of security responsibilities.
  • Receives broad goals and overall objectives from Management and proactively establishes and implements the methods to attain them.
  • Maintain the security of a company's technology environment by planning comprehensive (complex) control design to mitigate threats while balanced with company's risk appetite and provide assurance it works
  • Create solutions that balance business requirements with information and cyber security requirements
  • Assess, establish and monitor countermeasures that protect, detect and/or deter when an unauthorized attempt occurs
  • Serves as mentor to other technical team members, and presents technology briefings to IT and business line management as required. Researches and implements industry best practices.


  • Advanced understanding of security protocols, cryptography, and security
  • Bachelor's degree or equivalent experience in a related technical field. Master's degree or equivalent preferred.
  • Ten or more (10+) years of related Information Technology with a minimum of six (6+) years of Information Security-specific experience. CISSP preferred.
  • Additional possible certifications: CISM, CISA, ISSAP, ISSEP
  • Considered subject matter expert in the area.
  • Strong knowledge of multiple technologies, platforms, and programming languages.
  • Solid understanding of Systems Development Life Cycle models.
  • Exceptional communication skills with diverse audiences, including facilitation, negotiation and presentation skills
  • Strong critical thinking, analytical skills and attention to detail Strong leadership, project and team-building skills, including the ability to lead teams and drive projects and initiatives in multiple departments, and provide technical guidance to a security team
  • Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects
  • Intimate knowledge of current and trends with security solutions to be able to integrate with controls and safeguards
  • Familiar with emerging technology and the effect on designing security controls, such as Blockchain, Artificial Intelligence, Machine Language, Robotics, Mobile, Cloud (public, private and hybrid for Infrastructure as a Service (IAAS, Amazon Web Services (AWS) or Microsoft Azure), Platform as a Service (PAAS), Software as a Service (SAAS)
  • Familiar with emerging technology and the effect on designing security controls, such as Containerization, Artificial Intelligence, Office 365, Robotics, Mobile, Cloud (public, private and hybrid for Infrastructure as a Service (IAAS, Amazon Web Services (AWS) or Microsoft Azure), Platform as a Service (PAAS), Software as a Service (SAAS)
  • Understanding of network protocols and ability to develop requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related network devices Understand programming language and technologies to write code, complete programming and performs testing and debugging of applications Java/J2EE, C#, API/web services, scripting languages and a relational database management system (RDBMS) such as MS SQL Server or Oracle.
  • Strong understanding of Cloud and Application Security Best Practices, Azure and O365 experience preferred. Intimate knowledge of current and trends with security solutions to be able to integrate with controls and safeguards Strong knowledge of security frameworks including NIST, ISO 27001, CIS, CSA, MITRE ATT&K etc.

Similar Jobs you may be interested in ..