Job Title: Cybersecurity Architect
Location: Jersey City NJ/Onsite
Need Passport Number
Position Overview
We are seeking a seasoned Cybersecurity Architect to design, implement, and lead the enterprise cybersecurity architecture across our insurance technology landscape.
This role requires deep expertise in Identity and Access Management (IAM), Network Security, Security Operations (SOC), Governance, Risk & Compliance (GRC), and AI Security, combined with strong knowledge of insurance data protection, financial regulations, and risk management frameworks.
The ideal candidate will have experience securing policy administration systems, claims platforms, customer portals, and AI-based underwriting and fraud detection solutions.
Key Responsibilities
1. Security Architecture & Strategy
- Develop and maintain the enterprise cybersecurity architecture aligned with business strategy, compliance mandates, and threat landscape.
- Define and enforce security reference architectures for on-prem, cloud, and hybrid environments.
- Integrate security-by-design principles across insurance systems, data platforms, and digital services.
- Collaborate with enterprise architects, DevOps, and IT teams to embed secure design patterns.
2. Identity & Access Management (IAM)
- Architect and oversee enterprise IAM solutions including SSO, MFA, PAM, and federated identity (SAML, OIDC, OAuth2).
- Manage identity lifecycle, access governance, and privilege controls for employees, partners, and customers.
- Implement Zero Trust principles to secure access to underwriting, claims, and policy systems.
- Oversee IAM integrations with customer portals, APIs, and third-party vendors.
3. Network Security
- Design and maintain secure network architectures for corporate offices, data centers, and cloud environments.
- Manage firewalls, IDS/IPS, VPNs, SD-WAN, NAC, and microsegmentation strategies.
- Implement Zero Trust Network Access (ZTNA) and secure interconnections with partner ecosystems and brokers.
- Conduct network threat modeling, vulnerability assessments, and security posture reviews.
4. Security Operations (SOC)
- Provide architectural leadership for SOC platforms, including SIEM, SOAR, EDR/XDR, and threat intelligence solutions.
- Enhance incident detection, response automation, and threat hunting capabilities.
- Define incident response playbooks tailored to financial and insurance-related threats (e.g., data exfiltration, ransomware).
- Establish performance metrics and continuous improvement plans for SOC operations.
5. Governance, Risk & Compliance (GRC)
- Define and maintain the cybersecurity governance framework aligned with NAIC Model Law, ISO 27001, NIST CSF, SOC 2, PCI-DSS, and applicable privacy laws.
- Conduct risk assessments, monitor control effectiveness, and ensure compliance with state and federal insurance regulations.
- Support third-party risk management and vendor security assessments.
- Lead internal and external security audits and oversee compliance documentation.
6. AI Security
- Architect secure AI/ML systems for insurance applications such as underwriting, fraud detection, and claims automation.
- Implement AI model governance, ensuring data integrity, explainability, and compliance with emerging AI regulations.
- Mitigate risks such as model poisoning, bias, prompt injection, and data leakage.
- Collaborate with data science and actuarial teams to secure AI pipelines handling sensitive customer and financial data.
- Stay current with AI risk frameworks (NIST AI RMF, ISO/IEC 23894, EU AI Act).
7. Leadership & Collaboration
- Act as a trusted cybersecurity advisor to business leaders, IT executives, and risk management teams.
- Mentor security engineers and analysts on architecture design and cybersecurity best practices.
- Drive awareness, training, and cultural alignment toward a proactive security posture.
Never miss an opportunity! Create an alert based on the job you applied for.
