Director, Security Architecture in Windsor, CT at Voya

Date Posted: 12/6/2019

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    1 Orange Way
    Windsor, CT
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:
    12/6/2019

Job Description

As part of the application process, a candidate account is required to log in and view application(s).  Please be sure to check email regularly for information regarding our employment process.

Job Background:

The Security Strategy and Architecture team provides Security Strategy and Architecture Services to the Voya Enterprise.  Security Architecture utilizes an engagement model and framework to design and deliver strategic security solutions for all major initiatives, applications, infrastructure and products.  In this role you will partner with a team of security experts to enhance the security posture of the organization up and down the stack and you will have direct influence on the future state of cyber security at Voya Financial.

The Director of Security Architecture will have the following responsibilities:

  • Ability to act as a security design authority for all core infrastructure
  • Optimize the strategy for Security Monitoring and Response, design the target state architecture, defining the security roadmap, communicate and execute the strategy
  • Building security roadmaps for new technologies that can be utilized on premises and in a hybrid cloud environment
  • Creates Security Designs for the interim and target state for applications
  • Execution of the Security Architecture framework
  • Delivery of Security Specifications, Threat Models and Blueprints
  • Ability to work across each of the security domains( Identity and Access Management, Network Security, Data Security, Monitoring and Security Operations)
  • The ability to use adversary based threat modeling to yield designs that are as secure as possible
  • Design, develop and optimize security capabilities to include Endpoint Monitoring, Network Monitoring, cloud Monitoring, Insider Threat monitoring, Email Monitoring and Fraud monitoring

Position Candidate Requirements:

  • Minimum of 15 years of experience in information security field with experience in Security Architecture
  • Expert Security Architecture background and proven primary experience in one of the key security domains (Monitoring, Network, Incident response, IAM, Operations)
  • Experience in migrating large enterprises to hybrid and native cloud
  • Ability to deliver analytical products to include Adversary based threat models, and risk analysis
  • Experience in secure SaaS migrations
  • Experience in Threat Modeling and demonstrate a capability to architect solutions to prevent threats as a design principal
  • Ability to research, analyze and solve complex technical problems without supervision
  • Expert level Visio experience
  • Strong team player
  • The ability to act as a trusted advisor to the business
  • Strong presentation and communication skills
  • Bachelor’s degree in Computer Science or Information Technology
  • CISSP, CCSK, CCSP or OSCP preferred
  • Experience with building use cases in Splunk preferred
  • Understands how cyber-attacks are executed and can build architecture constructs to prevent attacks and enable real time detections
  • Financial sector experience preferred
  • The ability to think out of the box and to find threats and deliver mitigations through quantitative analysis
  • Provides insights and direction to other team members on the nuances of technologies, architectures and analysis to support full stack security build out
  • Prefer background in Threat Intelligence and a deep understanding of Threat Actors and TTPs and the ability to design for question based analysis to support investigations
  • Experience using statistical analysis to quantify risk
  • Communicate the security strategy and drive the consistency of application security principles to all stakeholders
  • Hands on knowledge of AWS or Azure Services and securing cloud services
  • Expert knowledge of the MITRE ATT&CK Framework.   Experience conducting or leading incident response and a serves as a point of escalation for incidents.
  • Prior programming experience(e.g. Python,C++, Java)

#CB

#LI-NP1

Critical Skills
At Voya, we have identified the following critical skills which are key to success in our culture: 

  • Customer Focused: Passionate drive to delight our customers and offer unique solutions that deliver on their expectations.
  • Critical Thinking: Thoughtful process of analyzing data and problem solving data to reach a well-reasoned solution.
  • Team Mentality: Partnering effectively to drive our culture and execute on our common goals. 
  • Business Acumen: Appreciation and understanding of the financial services industry in order to make sound business decisions. 
  • Learning Agility: Openness to new ways of thinking and acquiring new skills to retain a competitive advantage.

Learn more about Critical Skills.