
Director of Security Architecture and Engineering

Location: Shoreview, Minnesota
Req ID#: 11088BR
Description

The Director of Security Architecture and Engineering is responsible for Deluxe’s security architecture and engineering strategy and roadmap, security solutions design, security capabilities management and/or governance oversight, and security standards and specifications development. The Director also leads a team of security architects, engineers and analysts who design and implement security solutions to solve complex business and security challenges and to drive improvements in the overall security posture of Deluxe. This responsibility extends into all business units within Deluxe.

Success in this role requires broad general technical security knowledge/expertise, proven service management skills, cross-functional project delivery, and the ability to manage a team responsible for driving security across the entire enterprise in a highly collaborative manner.

Accountabilities:
Security Architecture and Engineering Strategy and Planning
- Sets the strategy for new technologies, architectures, and security products that will support security requirements and business objectives for Deluxe.
- Responsible for developing, implementing and maintaining a comprehensive security architecture and engineering strategy and security capabilities portfolio & roadmap.
- Provide guidance and advocacy regarding prioritization of investment and implementation associated with Deluxe’s security strategy.
- Researches, designs and advocates for new technologies, architectures, and security products that will support security requirements for the enterprise.
- Evaluates, develops and/or approves secure solutions.
- Develops clear and actionable security policies, standards, configuration baselines, blueprints, principles, models, and designs.
- Designs and develops security architectures for cloud and cloud/hybrid based systems.
- Develops processes, procedures, and metrics to govern a centralized security capabilities and services model.
Technical Security Consulting Services
- Provides technical and compliance expertise and consulting across all security domains to ensure the confidentiality, integrity and availability of data and its systems.
- Serves as a security expert in infrastructure and applications systems development; supports project teams in complying with enterprise and IT security policies.
- Serves as security architecture subject matter expert to business areas, project teams and vendors to apply and execute appropriate use of security/technology solutions.
- Serve as an expert advisor in the development, implementation, and maintenance of information security policy and control framework.
- Participates in the evaluation, selection and implementation of technology solutions.
- Lead and/or influence the implementation of secure software development lifecycle (SDLC) practice and ongoing operational improvement efforts.
- Work with executives, business leadership, and relevant compliance departments to build security architecture and implement security controls that effectively address relevant compliance and regulatory requirements.
- Participates in IT audits, IT risk assessments and regulatory compliance.
- Support the Delivery Assurance Process, the Architecture Review Board, and M&A Integrations.
- Participates in investigation and report contribution of security threats and incidents, and in conducting post-event reviews of security incidents.
- Collaborate with all levels of the business/IT organization.
- Utilizes interpersonal skills to foster and grow business relationships across all business units, and to communicate at all levels of the organization from executives to front line employees.
Security Engineering and Security Capabilities Management
- Manage application security solutions and capabilities such as endpoint security tools.
- Leads and manages the implementation of security solutions.
- Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
- Install, maintain and configure security software, such as firewalls, data encryption programs, and identity and access management solutions, to protect sensitive information.
- Evaluate and implement new products available through outside vendors.
- Establish and document operational standards, configuration specifications, procedures, and runbooks.
- Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement.
- Develops actual working solutions or prototypes based on their own designs and resolves any issues that arise.
- Manage security vendors and ensure SLAs are met.
Team and Financial Management – Leading a team of architects, engineers and analysts:
- Effectively lead a team of architects, engineers and analysts to carry out the strategy, capabilities portfolio and roadmap.
- Mentors, coaches, and trains members of the information security team, the broader information technology services team, and other technologists throughout Deluxe.
- Leads a group of architects and engineers in the definition and implementation of the security model and architecture standards for Deluxe.
- Collaborate with and support Business Information Security Managers (BISOs) for cybersecurity and IT Risk & Compliance Management program needs within business units.
- Coordinate closely with the Information Security Program Management team to provide regular metrics and reporting to measure the efficiency and effectiveness of the services, facilitate appropriate resource allocation, and increase the overall maturity of related security capabilities.
- Manage the budget and projects associated with security architecture and engineering to invest resources to efficiently reduce risk.


Required:

- Bachelor’s degree in Computer Science, MIS or related field
- 10+ years of Security, Architecture and Engineering experience
- Strong security technical expertise, deep understanding of security issues and a clear vision on how to build secure networks, data centers and cloud.
- Demonstrated experience in all levels of the technology stack and security solution capabilities such as: cloud, firewalls, intrusion detection & prevention, perimeter appliances, domain segmentation, filtering (virus, spam, etc.), network segmentation, authentication, enterprise portals, database encryption, data encryption, host intrusion detection, enterprise directories (LDAP and Active Directory), endpoint security controls, application security and secure coding techniques.
- A security technology strategist with the ability to think beyond the here-and-now and in a 3+ year horizon, seek out and formulate future technology paths based on the needs of the customer, technology disruptions and competitive landscape.
- A working knowledge of one or more security and IT Architecture standards such as: TOGAF, Open Security Architecture, or Service Oriented Modeling Framework.
- Demonstrated ability to influence and clearly communicate (verbally and in writing) across vast sections of IT and the business, including company leaders.
- Excellent organizational and leadership skills with the ability to lead, build, and develop a team of senior IT professionals through formal and informal reporting relationships.
- Pragmatic understanding of security problems as a mix of technology and process issues with the ability to pursue solutions at both layers within the organization.
- Ability to influence management, key decision-makers, and highly technical resources
- Ability to apply business case development and project justification techniques
- Experience and understanding of business security and compliance requirements and the process of translating them into well-engineered and integrated business solutions
- Ability to interface effectively and collaborate with peers and management to develop solutions and ensure stakeholder buy-in.
- Critical thinking skills, ability to accurately analyze information and make sound decisions quickly.
- Data analysis and reporting skills
- Demonstrated ability to take initiative and accountability for achieving results. Self Starter / Self-directed
- Strong interpersonal, oral, and written communication skills
- Customer driven to understand and appropriately respond to customers' business needs.
- Calmness and clarity of thought under pressure and ability to maintain confidentiality
- Must have the ability to work under pressure and meet deadlines. Work with a high sense of urgency.

Working knowledge in the following areas:
- Governance frameworks including: ISO 27001, NIST, COBIT, ITIL, OWASP
- Regulations and/or contractual obligations including: HIPAA, PCI, Sarbanes-Oxley, GLBA, SOC/SSAE16
- IT General Controls methodologies, management and tools
- Audit management and internal audit standards
- Risk Management methodologies and tools
- Process control design and testing methods
- Metrics development and reporting
- System Development Life Cycle / Application Security
- Incident Response
- Threat and Vulnerability Management
- System Configuration and Architecture
- Network Security and Management
- Cloud Security and Management
- Identity and Access Management
- IoT Security
- Mobile Security Management


Pre-Employment Screening:
Drug screen and background check required.

Deluxe Corporation is an Equal Opportunity / Affirmative Action employer:

All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, disability, sex, age, ethnic or national origin, marital status, sexual orientation, gender identity or presentation, pregnancy, genetics, veteran status or any other status protected by state or federal law.


EOE/Minorities/Females/Vet/Disability


Please view the electronic "EEO is the Law" poster, which serves to inform you of your equal employment opportunity protections as part of the application process.


Department: Information Technology
Remote Work Location: No
Full Time/Part Time: Full Time
Shift Type: Traditional
