Full Time Job Position || Cyber Security Architect || TX/NY/MA/AR

Job Title: Cyber Security Architect Insurance (IAM, Network Security, SOC, GRC & AI Security) Location: Multiple of Locations Frisco, TX / Overland Park, Kansas / Dallas, TX/Houston, TX/New York / Boston, MA

Department: Information Security / Cyber Security Reports To: Cyber Security Leader - AMS

Position Overview:
We are seeking a seasoned Cybersecurity Architect to design, implement, and lead the enterprise cybersecurity architecture across our insurance technology landscape.
This role requires deep expertise in Identity and Access Management (IAM), Network Security, Security Operations (SOC), Governance, Risk & Compliance (GRC), and AI Security, combined with strong knowledge of insurance data protection, financial regulations, and risk management frameworks.
The ideal candidate will have experience securing policy administration systems, claims platforms, customer portals, and AI-based underwriting and fraud detection solutions.

Key Responsibilities: 1. Security Architecture & Strategy

• Develop and maintain the enterprise cybersecurity architecture aligned with business strategy, compliance mandates, and threat landscape.
• Define and enforce security reference architectures for on-prem, cloud, and hybrid environments.
• Integrate security-by-design principles across insurance systems, data platforms, and digital services.
• Collaborate with enterprise architects, DevOps, and IT teams to embed secure design patterns.

2. Identity & Access Management (IAM)

• Architect and oversee enterprise IAM solutions including SSO, MFA, PAM, and federated identity (SAML, OIDC, OAuth2).
• Manage identity lifecycle, access governance, and privilege controls for employees, partners, and customers.
• Implement Zero Trust principles to secure access to underwriting, claims, and policy systems.
• Oversee IAM integrations with customer portals, APIs, and third-party vendors.

3. Network Security

• Design and maintain secure network architectures for corporate offices, data centers, and cloud environments.
• Manage firewalls, IDS/IPS, VPNs, SD-WAN, NAC, and microsegmentation strategies.
• Implement Zero Trust Network Access (ZTNA) and secure interconnections with partner ecosystems and brokers.
• Conduct network threat modeling, vulnerability assessments, and security posture reviews.

4. Security Operations (SOC)

• Provide architectural leadership for SOC platforms, including SIEM, SOAR, EDR/XDR, and threat intelligence solutions.
• Enhance incident detection, response automation, and threat hunting capabilities.
• Define incident response playbooks tailored to financial and insurance-related threats (e.g., data exfiltration, ransomware).
• Establish performance metrics and continuous improvement plans for SOC operations.

5. Governance, Risk & Compliance (GRC)

• Define and maintain the cybersecurity governance framework aligned with NAIC Model Law, ISO 27001, NIST CSF, SOC 2, PCI-DSS, and applicable privacy laws.
• Conduct risk assessments, monitor control effectiveness, and ensure compliance with state and federal insurance regulations.
• Support third-party risk management and vendor security assessments.
• Lead internal and external security audits and oversee compliance documentation.

6. AI Security

• Architect secure AI/ML systems for insurance applications such as underwriting, fraud detection, and claims automation.
• Implement AI model governance, ensuring data integrity, explainability, and compliance with emerging AI regulations.
• Mitigate risks such as model poisoning, bias, prompt injection, and data leakage.
• Collaborate with data science and actuarial teams to secure AI pipelines handling sensitive customer and financial data.
• Stay current with AI risk frameworks (NIST AI RMF, ISO/IEC 23894, EU AI Act).

7. Leadership & Collaboration

• Act as a trusted cybersecurity advisor to business leaders, IT executives, and risk management teams.
• Mentor security engineers and analysts on architecture design and cybersecurity best practices.
• Drive awareness, training, and cultural alignment toward a proactive security posture.

Qualifications: Education & Experience

• Bachelor s or Master s degree in Computer Science, Information Security, or related discipline.
• 8+ years of progressive cybersecurity experience, with at least 3+ years in an architectural or leadership capacity.
• Proven experience in insurance or financial services environments, securing core systems and customer data.

Technical Skills:

• Expertise in IAM platforms (Okta, Azure AD, CyberArk, SailPoint, Ping).
• Strong proficiency in network security (firewalls, IDS/IPS, NAC, VPN, SD-WAN, microsegmentation).
• Experience designing SOC architectures (SIEM, SOAR, EDR/XDR, threat intelligence).
• Knowledge of AI/ML system security, model governance, and data protection.
• Solid understanding of cloud security (AWS, Azure, Google Cloud Platform) and Zero Trust architectures.
• Familiarity with regulatory frameworks: NAIC Model Law, SOC 2, ISO 27001, NIST 800-53, GDPR, and PCI-DSS.
• Experience with data privacy (PII, financial data, customer information) and third-party vendor security.

Certifications (Preferred)

• CISSP, CCSP, or CISM.
• Certified Identity and Access Manager (CIAM) or equivalent IAM certification.
• Network Security certifications (CND, CCNP Security, PCNSE, NSE).
• AI Security / Governance credentials (MIT AI Risk & Security, (ISC) AI+, NIST AI RMF).
• CRISC, CISA, or ISO 27001 Lead Implementer for GRC expertise.

Soft Skills

• Strategic and analytical mindset with a strong understanding of the insurance business model.
• Excellent communication and stakeholder management skills.
• Ability to translate technical risk into business impact.
• Leadership presence with the ability to influence across technical and non-technical teams.