Starr Underwriting
Security Review Architect (Remote) - Contract Position
Starr Underwriting, Rolling Meadows, Illinois, United States, 60008
Introduction
Welcome to Gallagher – a global leader in insurance, risk management, and consulting services. With a growing team of more than 52,000 professionals worldwide, we empower businesses, communities, and individuals to thrive. At Gallagher, you can build a career whether it’s with our brokerage division, our benefits and HR consulting division, or our corporate team. Experience The Gallagher Way, a culture fueled by shared values and a collective passion for excellence. Join one of our dynamic teams, where you'll play a pivotal role in shaping Gallagher's future and unlocking unparalleled opportunities for both clients and yourself. We believe that every candidate brings something special to the table, including you! So, even if you feel that you’re close but not an exact match, we encourage you to apply.
Overview
S
ecurity
Review
A
rchitect will serve as a key technical resource
in
Global Cyber and Information Security (GCIS)
organization.
This role
w
ill
be
r
esponsible for
review
ing
and managing internal requests for
security architecture
reviews
/security
risk assessments
.
The reviews and risk assessments should align to, or provide alternatives for, our current state
framework
s
,
design
patterns
,
standards
, reference architectures
,
best practices
and
requested t
echnical specifications
.
This role will make determinations on request priorities based on a standard set of criteria
.
The
r
ole will need to w
ork closely with other
I
nformation
S
ecurity colleagues, IT & Infrastructure
organization
s
and
B
usiness
teams
globally to provide
the
security architecture
reviews and risk assessments
.
Requests and all related security architecture response documents should be organized and managed in directed locations
.
This role will
communicate
the completed reviews with requestors
in order to
recommend and
influence cyber security
objectives
. Please note additional position details below: This is a Temp-To-Hire, W-2 position. We are not able to do 1099 or C2C. It is a fully remote role that will need to be based in the U.S. or Canada You must meet our U.S. Eligibility requirements for work authorization as stated below.
How you'll make an impact
Work with the Cyber Architecture Manager to further develop and refine the security architecture review process. Document and create any processes, frameworks,
templates
or communications to mature the security architecture review process. Keep the intake and review process organized and requestors informed of status
.
Develop/refine/request automated tooling necessary to best accommodate the process. Align with internal teams such as Enterprise Architecture, 3
rd
Party Risk Management, Mergers & Acquisitions, Cloud Architecture and Engineering, Network, Infrastructure and Security Engineering on the request process to streamline and provide consistency and smooth transitions. Refer to and make recommendations to further d
efine and
mature
Information Security architectural
standards, artifacts, design patterns and technical specification documents
utilizing
feedback from existing reviews
. Determine
if/when/how requests should
include security engineers and onboard
and collaborate using existing processes. Delineate and define reviews/review process for alternative geo locations (non-US) as needed and collaborate with global partners to provide consistency in responses. Collaborate with risk and compliance/policy teams to align,
create
or improve upon risk frameworks,
standards
or policies in relation to the security reviews. Provide feedback to
recommend improvements to the global security architecture
in order
to
improve security posture, mitigate risks and balanc
e
costs
. Proactively
identif
y
technical and architectural risks
as part of the review process creating review documents that
comment
on,
and provid
e
alternatives for
,
solutions that align to standards
. Participate at the request of
architectural leadership
on
assigned forums
,
collaborat
e
,
and provide
appropriate
thought
leadership and
expertise
in cyber security architecture.
About You
Required
: Bachelor's degree
or equivalent work experience
in Computer Science or related field Minimum
2
+ years of
cybersecurity
and/or risk mitigation
experience Minimum
2
+ years of experience
in a
review
er or documenter role for d
etailed
technology
solution
s and environments Exposure to, or experience with, creating or evaluating solution
architectures
, code,
models
and vendor documents
with ability to understand and articulate patterns and cyber security risks to business and technical
teams Exposure to or experienced with i
nsurance and risk management
domain
s Experienced and developed collaboration,
elicitation
and documentation
skills Proven success communicating and recommending cyber security architecture best practices and standards for custom and/or SaaS security solutions and services. Highly organized with attention to detail, responsiveness and pro-active in keeping inventories
updated K
nowledge and experience in enterprise architecture frameworks such as
TOGAF K
nowledge and experience
with
security standards frameworks (NIST - CSF, ISO 27001, CSA CCM, PCI-DSS, GDPR) Preferred
: At least one certification related to information security such
as;
CISSP, CCSP,
TOGAF Security Strong knowledge of cloud (IaaS,
PaaS
and SaaS) offerings E
xperience working with
security tools and concepts such as
firewalls, end point protection,
MFA
and data
protection Demonstrated working experience in a regulated and globally distributed
environment Key Characteristics
: Strong communications skills - oral and
written Self-starter with strong work ethic Flexible and resilient, handle various demands planned and
unplanned Proven ability to handle multiple tasks and projects
simultaneously Problem solver and desire to close issues, pragmatic and realistic with
solutions Resilient and collaborative, motivated to pro-actively
influence partners to
successful
security safe
resolutions #contingent
Compensation and benefits
On top of a competitive salary, great teams and exciting career opportunities, we also offer a wide range of benefits. Below are the
minimum core benefits
you’ll get, depending on your job level these benefits may improve: Medical/dental/vision plans, which start from day one! Life and accident insurance 401(K) and Roth options Tax-advantaged accounts (HSA, FSA) Educational expense reimbursement Paid parental leave Other benefits include: Digital mental health services (Talkspace) Flexible work hours (availability varies by office and job function) Training programs Gallagher Thrive program – elevating your health through challenges, workshops and digital fitness programs for your overall wellbeing Charitable matching gift program And more... We value inclusion and diversity Click Here
to review our U.S. Eligibility Requirements and Pay Disclosure Statement Inclusion and diversity (I&D) is a core part of our business, and it’s embedded into the fabric of our organization. For more than 95 years, Gallagher has led with a commitment to sustainability and to support the communities where we live and work. Gallagher embraces our employees’ diverse identities, experiences and talents, allowing us to better serve our clients and communities. We see inclusion as a conscious commitment and diversity as a vital strength. By embracing diversity in all its forms, we live out The Gallagher Way to its fullest. Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination by its managers, employees, vendors or customers based on race, color, religion, creed, gender (including pregnancy status), sexual orientation, gender identity (which includes transgender and other gender non-conforming individuals), gender expression, hair expression, marital status, parental status, age, national origin, ancestry, disability, medical condition, genetic information, veteran or military status, citizenship status, or any other characteristic protected (herein referred to as “protected characteristics”) by applicable federal, state, or local laws. Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified person with a disability, unless the accommodation would impose an undue hardship on the operation of our business.
#J-18808-Ljbffr
Welcome to Gallagher – a global leader in insurance, risk management, and consulting services. With a growing team of more than 52,000 professionals worldwide, we empower businesses, communities, and individuals to thrive. At Gallagher, you can build a career whether it’s with our brokerage division, our benefits and HR consulting division, or our corporate team. Experience The Gallagher Way, a culture fueled by shared values and a collective passion for excellence. Join one of our dynamic teams, where you'll play a pivotal role in shaping Gallagher's future and unlocking unparalleled opportunities for both clients and yourself. We believe that every candidate brings something special to the table, including you! So, even if you feel that you’re close but not an exact match, we encourage you to apply.
Overview
S
ecurity
Review
A
rchitect will serve as a key technical resource
in
Global Cyber and Information Security (GCIS)
organization.
This role
w
ill
be
r
esponsible for
review
ing
and managing internal requests for
security architecture
reviews
/security
risk assessments
.
The reviews and risk assessments should align to, or provide alternatives for, our current state
framework
s
,
design
patterns
,
standards
, reference architectures
,
best practices
and
requested t
echnical specifications
.
This role will make determinations on request priorities based on a standard set of criteria
.
The
r
ole will need to w
ork closely with other
I
nformation
S
ecurity colleagues, IT & Infrastructure
organization
s
and
B
usiness
teams
globally to provide
the
security architecture
reviews and risk assessments
.
Requests and all related security architecture response documents should be organized and managed in directed locations
.
This role will
communicate
the completed reviews with requestors
in order to
recommend and
influence cyber security
objectives
. Please note additional position details below: This is a Temp-To-Hire, W-2 position. We are not able to do 1099 or C2C. It is a fully remote role that will need to be based in the U.S. or Canada You must meet our U.S. Eligibility requirements for work authorization as stated below.
How you'll make an impact
Work with the Cyber Architecture Manager to further develop and refine the security architecture review process. Document and create any processes, frameworks,
templates
or communications to mature the security architecture review process. Keep the intake and review process organized and requestors informed of status
.
Develop/refine/request automated tooling necessary to best accommodate the process. Align with internal teams such as Enterprise Architecture, 3
rd
Party Risk Management, Mergers & Acquisitions, Cloud Architecture and Engineering, Network, Infrastructure and Security Engineering on the request process to streamline and provide consistency and smooth transitions. Refer to and make recommendations to further d
efine and
mature
Information Security architectural
standards, artifacts, design patterns and technical specification documents
utilizing
feedback from existing reviews
. Determine
if/when/how requests should
include security engineers and onboard
and collaborate using existing processes. Delineate and define reviews/review process for alternative geo locations (non-US) as needed and collaborate with global partners to provide consistency in responses. Collaborate with risk and compliance/policy teams to align,
create
or improve upon risk frameworks,
standards
or policies in relation to the security reviews. Provide feedback to
recommend improvements to the global security architecture
in order
to
improve security posture, mitigate risks and balanc
e
costs
. Proactively
identif
y
technical and architectural risks
as part of the review process creating review documents that
comment
on,
and provid
e
alternatives for
,
solutions that align to standards
. Participate at the request of
architectural leadership
on
assigned forums
,
collaborat
e
,
and provide
appropriate
thought
leadership and
expertise
in cyber security architecture.
About You
Required
: Bachelor's degree
or equivalent work experience
in Computer Science or related field Minimum
2
+ years of
cybersecurity
and/or risk mitigation
experience Minimum
2
+ years of experience
in a
review
er or documenter role for d
etailed
technology
solution
s and environments Exposure to, or experience with, creating or evaluating solution
architectures
, code,
models
and vendor documents
with ability to understand and articulate patterns and cyber security risks to business and technical
teams Exposure to or experienced with i
nsurance and risk management
domain
s Experienced and developed collaboration,
elicitation
and documentation
skills Proven success communicating and recommending cyber security architecture best practices and standards for custom and/or SaaS security solutions and services. Highly organized with attention to detail, responsiveness and pro-active in keeping inventories
updated K
nowledge and experience in enterprise architecture frameworks such as
TOGAF K
nowledge and experience
with
security standards frameworks (NIST - CSF, ISO 27001, CSA CCM, PCI-DSS, GDPR) Preferred
: At least one certification related to information security such
as;
CISSP, CCSP,
TOGAF Security Strong knowledge of cloud (IaaS,
PaaS
and SaaS) offerings E
xperience working with
security tools and concepts such as
firewalls, end point protection,
MFA
and data
protection Demonstrated working experience in a regulated and globally distributed
environment Key Characteristics
: Strong communications skills - oral and
written Self-starter with strong work ethic Flexible and resilient, handle various demands planned and
unplanned Proven ability to handle multiple tasks and projects
simultaneously Problem solver and desire to close issues, pragmatic and realistic with
solutions Resilient and collaborative, motivated to pro-actively
influence partners to
successful
security safe
resolutions #contingent
Compensation and benefits
On top of a competitive salary, great teams and exciting career opportunities, we also offer a wide range of benefits. Below are the
minimum core benefits
you’ll get, depending on your job level these benefits may improve: Medical/dental/vision plans, which start from day one! Life and accident insurance 401(K) and Roth options Tax-advantaged accounts (HSA, FSA) Educational expense reimbursement Paid parental leave Other benefits include: Digital mental health services (Talkspace) Flexible work hours (availability varies by office and job function) Training programs Gallagher Thrive program – elevating your health through challenges, workshops and digital fitness programs for your overall wellbeing Charitable matching gift program And more... We value inclusion and diversity Click Here
to review our U.S. Eligibility Requirements and Pay Disclosure Statement Inclusion and diversity (I&D) is a core part of our business, and it’s embedded into the fabric of our organization. For more than 95 years, Gallagher has led with a commitment to sustainability and to support the communities where we live and work. Gallagher embraces our employees’ diverse identities, experiences and talents, allowing us to better serve our clients and communities. We see inclusion as a conscious commitment and diversity as a vital strength. By embracing diversity in all its forms, we live out The Gallagher Way to its fullest. Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination by its managers, employees, vendors or customers based on race, color, religion, creed, gender (including pregnancy status), sexual orientation, gender identity (which includes transgender and other gender non-conforming individuals), gender expression, hair expression, marital status, parental status, age, national origin, ancestry, disability, medical condition, genetic information, veteran or military status, citizenship status, or any other characteristic protected (herein referred to as “protected characteristics”) by applicable federal, state, or local laws. Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified person with a disability, unless the accommodation would impose an undue hardship on the operation of our business.
#J-18808-Ljbffr