Senior Security Architect

📋 Description

• • As a Senior Security Architect at Bestow Inc., you will be instrumental in shaping and safeguarding our digital landscape. This pivotal role involves the strategic design, meticulous implementation, and continuous validation of robust security solutions to protect our company's critical information systems and valuable assets. You will act as a key technical liaison, bridging the gap between our Security, Infrastructure, and Engineering departments, to forge a comprehensive security architecture framework. This framework will be designed to seamlessly integrate secure AI capabilities, support cutting-edge experimentation, align perfectly with our overarching business objectives, and ensure unwavering compliance with stringent regulatory requirements.
• • A core responsibility will be to define and uphold architectural standards that embed native capabilities for automated monitoring and self-healing across our dynamic multi-cloud environments. This proactive approach ensures resilience and rapid response to potential threats.
• • You will be a driving force behind our company-wide information security governance program. This includes maintaining the integrity of the control assurance program and collaborating closely with business leaders to conduct periodic assessments, rigorous testing, and the systematic collection of audit artifacts for review by the Deputy Chief Information Security Officer.
• • Furthermore, your expertise will be crucial in bolstering our Incident Response program. This involves meticulously reviewing and updating essential documentation, as well as developing and actively participating in comprehensive training exercises. These initiatives are designed to ensure the organization remains highly resilient and prepared to effectively counter emerging threats.
• • In collaboration with cross-functional teams, you will develop and maintain a forward-looking Security Architecture roadmap, ensuring a consistently strong security posture that directly supports and aligns with our corporate objectives.
• • You will lead the charge in developing and implementing automation for both existing and new security processes. This focus on automation is key to significantly increasing operational efficiency and minimizing reliance on manual interventions, thereby reducing the potential for human error.
• • A significant aspect of your role will be to develop the architectural framework for the secure deployment of Artificial Intelligence (AI). This includes designing the foundational layers necessary for robust Model Security, stringent Data Privacy controls, and the effective orchestration of Autonomous Agents.
• • You will design sophisticated multi-cloud infrastructures where security controls are not only programmatically enforced but also globally consistent, providing a unified and strong defense across all platforms.
• • Provide expert technical guidance on securing CI/CD pipelines and managing security effectively within platforms like Github and other SaaS-based development tools, ensuring the integrity of our development lifecycle.
• • Continuously assess our security systems and infrastructure to proactively identify vulnerabilities. You will then develop and implement comprehensive remediation plans, leveraging methodologies such as risk assessments, penetration tests, and various scanning techniques.
• • Act as a trusted advisor to various teams, offering expert counsel on secure coding practices, encryption strategies, authentication mechanisms, and access control policies.
• • Lead and collaborate effectively with IT, Engineering, Legal, Finance, Insurance Operations, External Examiners, and other business areas as required, particularly during compliance examinations.
• • Prepare insightful metrics and detailed reporting for review by Security Leadership. You will offer clear, actionable recommendations for remediation that satisfy both security best practices and stringent audit scrutiny.
• • Evaluate emerging security technologies, industry trends, and potential threats to ensure Bestow remains at the forefront of defending its digital landscape.
• • Review and contribute to the development of effective and efficient information security process documentation. This documentation will be critical in supporting and driving compliance with Bestow Information Security Policies, Standards, and applicable regulatory requirements. You will also research, understand, and interpret state regulations pertaining to Cybersecurity and Privacy within the Insurance Industry.
• • Contribute significantly to response efforts for external requests, including providing detailed technical answers to inquiries about all facets of the security program, including governance questions.
• • Assist with other assigned duties as needed, demonstrating flexibility and a commitment to the team's success.