Security Architect & Operations Lead

We have an exciting opportunity for a Security Architect & Operations Lead based out of our corporate office in Bloomington MN.  The Security Architect & Operations Lead guides a team of engineers analysts and key partners to design implement and operate enterprise-wide scalable security strategies and solutions ensuring alignment with business objectives and regulatory requirements while driving innovation and continuous improvement. The position requires strong leadership hands on technical expertise and cross-functional collaboration to protect the organization.  This role will serve as a technology owner / subject matter expert for Security protection incident management security solutions and related controls processes and policies.  The individual will lead the efforts to review and improve our security posture and operational services related to applications servers and endpoints for both on premise and cloud technologies.  They will also be a mentor and technical resource to IT functional areas sharing the overall responsibility for securing our systems day-to-day maintenance and support of the companys global infrastructure.

Key Accountabilities Include:

Security Engineering & Operations

• Develop communicate and execute security strategies for Cybersecurity defense protection detection response and recovery
• Design build deploy and/or operate security solutions to help scale the security program and assist with buildout and management of an overall Security Roadmap
• Build strong stakeholder partnerships across technical and non-technical teams
• Serve as a key security liaison and SME consultant embedding secure design principles control framework practices into cross-functional initiatives projects and enterprise transformations.
• Develop and maintain security reference architectures standards and roadmaps for infrastructure applications cloud and enterprise systems.
• Ensure alignment with enterprise identity strategies and access control frameworks to support secure scalable and compliant solutions.
• Assess potential risks with existing and new infrastructure applications products and processes and ensure security is appropriately considered and integrated
• Perform structured security risk assessments/tests to identify prioritize and provide recommendations or solutions for issues found
• Provide security requirements and recommend secure practices threat modeling and integration of security tools (e.g. SAST DAST SIEM) into development pipelines and cloud environments
• Maintain deep knowledge of security principles frameworks (NIST and regulatory landscapes (PCI SOX SOC2).
• Research and understand emerging information security threats and their impact on the business environment
• Recommend new information security systems and controls to mitigate emerging threats and risks across the company
• Automate security controls using tools and scripting where possible
• Ensure foundational security technologies and controls are in place and drive continuous improvement including identity and access management endpoint protection vulnerability management application security cloud data protection logging and monitoring and incident response
• Support and drive utilization of Security monitoring and alerting solutions and key managed security services partners
• Manage relationships with third-party security vendors and improve current security technologies
• Maintain technical documentation for solutions and standard operating procedures such that services are delivered in an efficient and effective manner
• Support and maintenance of IT security components and working to ensure conformity to the standards of operation for the Information Technology Department.
• Key escalation for incidents and Incident Triage Team Lead backup.  This may require response to and coordination of incidents occurring during evening hours and on weekends.  Efforts should include follow-up activities to prevent recurrence of incident using NIST CSF Incident Response practices
• Develop test and execute Information Security policy requirements and procedures including incident response plans playbooks and SOP
• Assist with data security and disaster recovery plans

Service Development and Leadership

• Continually look to improve and refine the Security and infrastructure services delivered to the business globally
• Help define and meet SLA requirements and best practices for security components and services
• Contribute deep technical skills and industry experience and best practices to the rest of the team driving change
• Maintain knowledge of emerging technology
• Technical Lead/Supervisor for high-performing security team participating in hiring training performance management and career development while developing and tracking metrics to measure security posture and report progress to leadership.

Communication & Collaboration

• Communicate effectively verbally and in writing with people at all organizational levels
• Work in a team environment making positive contributions to the organization
• Establish and maintain effective relationships with staff members customers and vendors
• Other duties as assigned or required

The US national base salary range for this position is $128841 - $161052. This position is also eligible for a bonus. The base salary range displayed reflects the targeted hiring range for positions across all US locations. Individual pay is determined by job-related skills work location and relevant education or experience.

Qualifications :

Education/Experience:

• Bachelors degree in computer science or related/applicable field(s) is preferred but not required
• 7 years of progressive InfoSec experience including 3 years in a leadership or management role
• At least one relevant security certification (e.g. CISSP CISM or equivalent)
• Strong knowledge of security frameworks such as NIST and ISO 27000 series
• Proven success designing implementing or overseeing enterprise-scale security solutions
• Proven experience implementing enterprise security solutions: IAM SIEM WAF CASB CSPM CWPP
• Deep expertise in securing cloud architectures (IaaS PaaS SaaS)
• Experience developing Zero Trust Architecture and SASE design principles

Skills:

• Strong background in designing and validating security architectures for cloud and on-prem environments
• Ability to lead PoCs evaluate emerging technologies and manage security upgrades decommissions and modernization roadmaps
• Demonstrated success building reference architectures standards and roadmaps
• Skilled in collaborating with architects/engineers to embed security into solution design
• Experience with cloud orchestration automation and security configuration management is a plus
• Experience managing cross-functional projects and delivering measurable risk reduction
• Deep experience with Microsoft Administration and Security Platforms including Microsoft Entra/Active Directory PowerShell Defender Sentinel Purview and Graph in an environment supporting 600 users and 200 servers
• The ability to travel as required (<10%)

Additional Information :

Benefits

Our benefit package supports the well-being of our employees and their families.  Our comprehensive benefit package includes medical dental 401K match paid time off (including volunteer time as well as parental leave) and so much more!  To learn more about our great benefit offerings Click Here.

Work Environment

Most positions located out of our global headquarters in Bloomington MN will work a hybrid work schedule where you will work 2 collaboration days a week.  Additional in office time may be required to support team/project needs.  Positions will be identified as remote eligible when consideration will be given to candidates outside of drivable distance to our Bloomington office.

Inclusion & Belonging

We are committed to creating a culture of inclusion and belonging for all who touch DQ. We believe in and commit to fostering a community where employees bring their authentic selves to work and where we recruit engage and retain employees franchise owners and suppliers based on qualifications and merit. We strive to maintain an environment where everyone feels welcome.

IDQ is an Equal Opportunity Employer and we use E-Verify to confirm the identity and employment eligibility of all new team members. You must be authorized to work in the United States without the need for employer sponsorship.

Remote Work :

No

Employment Type :

Full-time