Job Description
Role summary
-
Define and maintain enterprise security architectures covering applications, infrastructure, networks, data platforms, and cloud services, with Microsoft Azure as the primary platform.
-
Embed security into transformation and AIdriven initiatives, ensuring solutions are securebydesign and compliant with insurance and financialservices regulations.
Key responsibilities
-
Security architecture & design : Create reference architectures and security blueprints for cloudnative, hybrid, and onprem environments, including microservices, APIs, data lakes, and AI/ML workloads; conduct architecture reviews and threat modeling using frameworks such as STRIDE, PASTA, and LINDDUN.
-
Zero Trust & identity : Design and implement Zero Trust architectures, enterprise IAM on Azure AD/Entra ID, and modern authentication/authorization using SAML, OAuth 2.0, OpenID Connect, MFA, conditional access, RBAC, and ABAC.
-
Cloud & application security : Establish security guardrails across Azure, AWS, and GCP; implement CSPM/CWPP, container and Kubernetes security, WAF, NSGs, and DDoS protection; integrate DevSecOps practices, secure coding standards, and SAST/DAST/SCA/IAST into CI/CD.
-
Security operations & monitoring : Design SIEM and SOAR architectures (e.g., Microsoft Sentinel, Splunk, QRadar, Elastic), logging strategies, threat intelligence integration, and incident response capabilities including forensics and evidence handling.
-
Compliance, risk & governance : Ensure alignment with frameworks such as NIST, ISO 27001, PCIDSS, SOC 2, GDPR, HIPAA, and insurancespecific regulations; perform risk assessments, define security policies and standards, and track security KPIs.
-
Data protection & network security : Architect encryption, DLP, key and certificate management, data classification, and privacybydesign; design secure network architectures with segmentation, DMZs, VPN/ZTNA/SDP, IDS/IPS, NAC, and CDN security.
-
Collaboration & leadership : Partner with enterprise and solution architects, DevOps, engineering, and business teams to embed security; mentor teams, lead design reviews and working groups, and present complex security topics to senior leadership.
Required skills
-
Deep knowledge of major security frameworks and standards (NIST CSF, ISO 27001/27002, CIS Controls, OWASP Top 10, SANS Top 25, Zero Trust Architecture, PCIDSS, HIPAA, GDPR, and insurance regulations).
-
Strong expertise in IAM, cloud security (Azure preferred, plus AWS/GCP), application security, security operations (SIEM/SOAR, EDR/XDR), network security, and encryption/data protection technologies.
Experience & certifications
-
8+ years in cybersecurity, security engineering, or security architecture, including 3+ years designing enterprisegrade security architectures, ideally in insurance or financial services.
-
Proven experience implementing Zero Trust, architecting on Microsoft Azure, conducting threat modeling and architecture reviews, and supporting compliance certifications such as SOC 2, ISO 27001, and PCIDSS.
-
Core certifications: CISSP, CISM, CCSP, and Microsoft security certifications (e.g., Security Operations Analyst Associate or Azure Security Engineer Associate); additional certifications such as CEH, GIAC, OSCP, and CISA are a strong plus.
Key competencies
-
Insurance domain security, including protection of PII, claims, and financial data, and understanding of Solvency II, state regulations, GDPR, and CCPA.
-
Technical leadership, riskbased decisionmaking, and a strong focus on innovation and continuous learning to keep pace with the evolving threat landscape and regulatory environment
Apply for this Position
Ready to join ? Click the button below to submit your application.
Submit Application