TalentFish is casting a line for a Director, Information Security Architect. This is a Direct Hire role in Chicago, IL. The Director, Information Security Architect will directly report to the CISO and will play a pivotal role in shaping the firm's security architecture as we transition from traditional on-premises environments to a cloud-first model centered on Microsoft 365. This position requires a deep understanding of cloud security, enterprise-scale cyber technologies, and strong collaboration with cross-functional teams. Can also be based in DC, NYC, or ATL.
What You Bring to the Role. (Ideal Experience)
- Bachelor's degree in Computer Science, Information Security or a related field (required); Master's degree (preferred);
- 10+ years of progressive experience in information security, with at least 5 years in a senior architect or equivalent role (required);
- Experience in legal or other highly regulated industries is a plus, but not required.
- Relevant certifications such as CISSP, CISM, CCSP, or Azure Security Engineer are strongly preferred; and
- Strong knowledge of modern cyber technologies and tools, including but not limited to CSPM, SSPM, EDR, SIEM, and CASB.
- Familiarity with security frameworks such as NIST CSF, ISO 27001, and CIS Critical Security Controls.
- Proven expertise in designing and implementing cloud security controls, particularly within Microsoft 365 and Azure environments.
- Hands-on experience with threat modeling, risk assessments, and vulnerability management in hybrid IT environments.
- Exceptional communication and collaboration skills, with the ability to engage effectively with both technical and non-technical stakeholders.
- Strong analytical and problem-solving abilities.
- A proactive mindset with a focus on driving security innovation and operational excellence.
- Self-starter with the ability to work independently and lead strategic initiatives.
- Detail-oriented with a commitment to delivering high-quality results; and
- Adaptability to a fast-paced and dynamic work environment.
What You'll Do. (Skills Used in this Position)
- Design and oversee the firm's information security architecture, focusing on cloud-first solutions (e.g., Microsoft 365, Azure, etc.) while ensuring seamless integration with on-premises environments.
- Evaluate, recommend, and implement cutting-edge tools to enhance the firm's cyber defense capabilities, including areas such as CSPM (Cloud Security Posture Management) and SSPM (SaaS Security Posture Management);
- Architect and design solutions that align with the principles of Zero Trust including, but not limited to SASE (secure access edge service) and ZTNA (zero trust network access);
- Collaborate closely with the Cyber Engineering and Operations teams to ensure the architecture supports operational needs and aligns with security objectives.
- Conduct security assessments of existing and proposed systems, identifying gaps and recommending solutions that meet compliance, legal, and risk management requirements.
- Develop and maintain comprehensive documentation of security architecture, design principles, and system configurations.
- Act as the subject matter expert on cloud security, network, endpoint, mobile, and data security by providing guidance and mentorship to teams across the organization.
- Stay current with emerging security threats, trends, and technologies, ensuring the firm's architecture remains robust and adaptive to evolving risks; and
- Engage with stakeholders, including IT, legal, and compliance teams, to align security objectives with broader organizational goals.
