Security Review Architect (Remote) - Contract Position

Welcome to Gallagher – a global leader in insurance, risk management, and consulting services. With a growing team of more than 52,000 professionals worldwide, we empower businesses, communities, and individuals to thrive. At Gallagher, you can build a career whether it’s with our brokerage division, our benefits and HR consulting division, or our corporate team. Experience The Gallagher Way, a culture fueled by shared values and a collective passion for excellence. Join one of our dynamic teams, where you'll play a pivotal role in shaping Gallagher's future and unlocking unparalleled opportunities for both clients and yourself.

We believe that every candidate brings something special to the table, including you! So, even if you feel that you’re close but not an exact match, we encourage you to apply.

Security Review Architect will serve as a key technical resource in Global Cyber and Information Security (GCIS) organization. This role will be responsible for reviewing and managing internal requests for security architecture reviews/security risk assessments. The reviews and risk assessments should align to, or provide alternatives for, our current state frameworks, design patterns, standards, reference architectures, best practices and requested technical specifications. This role will make determinations on request priorities based on a standard set of criteria. The role will need to work closely with other Information Security colleagues, IT & Infrastructure organizations and Business teams globally to provide the security architecture reviews and risk assessments.Requests and all related security architecture response documents should be organized and managed in directed locations. This role will communicate the completed reviews with requestors in order to recommend and influence cyber security objectives.

Please note additional position details below:

• This is a Temp-To-Hire, W-2 position. We are not able to do 1099 or C2C.
• It is a fully remote role that will need to be based in the U.S. or Canada
• You must meet our U.S. Eligibility requirements for work authorization as stated below.

• Work with the Cyber Architecture Manager to further develop and refine the security architecture review process.

• Document and create any processes, frameworks, templates or communications to mature the security architecture review process.

• Keep the intake and review process organized and requestors informed of status. Develop/refine/request automated tooling necessary to best accommodate the process.

• Align with internal teams such as Enterprise Architecture, 3rd Party Risk Management, Mergers & Acquisitions, Cloud Architecture and Engineering, Network, Infrastructure and Security Engineering on the request process to streamline and provide consistency and smooth transitions.

• Refer to and make recommendations to further define and mature Information Security architectural standards, artifacts, design patterns and technical specification documents utilizing feedback from existing reviews.

• Determine if/when/how requests should include security engineers and onboard and collaborate using existing processes.

• Delineate and define reviews/review process for alternative geo locations (non-US) as needed and collaborate with global partners to provide consistency in responses.

• Collaborate with risk and compliance/policy teams to align, create or improve upon risk frameworks, standards or policies in relation to the security reviews.

• Provide feedback to recommend improvements to the global security architecture in order to improve security posture, mitigate risks and balance costs.

• Proactively identify technical and architectural risks as part of the review process creating review documents that comment on, and provide alternatives for, solutions that align to standards.

• Participate at the request of architectural leadership on assigned forums, collaborate, and provide appropriate thought leadership and expertise in cyber security architecture.

Required:

• Bachelor's degree or equivalent work experience in Computer Science or related field

• Minimum 2+ years of cybersecurity and/or risk mitigation experience

• Minimum 2+ years of experience in a reviewer or documenter role for detailed technology solutions and environments

• Exposure to, or experience with, creating or evaluating solution architectures, code, models and vendor documents with ability to understand and articulate patterns and cyber security risks to business and technical teams

• Exposure to or experienced with insurance and risk management domains

• Experienced and developed collaboration, elicitation and documentation skills

• Proven success communicating and recommending cyber security architecture best practices and standards for custom and/or SaaS security solutions and services.

• Highly organized with attention to detail, responsiveness and pro-active in keeping inventories updated

• Knowledge and experience in enterprise architecture frameworks such as TOGAF

• Knowledge and experience with security standards frameworks (NIST - CSF, ISO 27001, CSA CCM, PCI-DSS, GDPR)

Preferred:

• At least one certification related to information security such as; CISSP, CCSP, TOGAF Security

• Strong knowledge of cloud (IaaS, PaaS and SaaS) offerings

• Experience working with security tools and concepts such as firewalls, end point protection, MFA and data protection

• Demonstrated working experience in a regulated and globally distributed environment

Key Characteristics:

• Strong communications skills - oral and written

• Self-starter with strong work ethic

• Flexible and resilient, handle various demands planned and unplanned

• Proven ability to handle multiple tasks and projects simultaneously

• Problem solver and desire to close issues, pragmatic and realistic with solutions

• Resilient and collaborative, motivated to pro-actively influence partners to successful security safe resolutions

#contingent

On top of a competitive salary, great teams and exciting career opportunities, we also offer a wide range of benefits.

Below are the minimum core benefits you’ll get, depending on your job level these benefits may improve:

• Medical/dental/vision plans, which start from day one!
• Life and accident insurance
• 401(K) and Roth options
• Tax-advantaged accounts (HSA, FSA)
• Educational expense reimbursement
• Paid parental leave

Other benefits include:

• Digital mental health services (Talkspace)
• Flexible work hours (availability varies by office and job function)
• Training programs
• Gallagher Thrive program – elevating your health through challenges, workshops and digital fitness programs for your overall wellbeing
• Charitable matching gift program
• And more...

We value inclusion and diversity

Click Here to review our U.S. Eligibility Requirements and Pay Disclosure Statement

Inclusion and diversity (I&D) is a core part of our business, and it’s embedded into the fabric of our organization. For more than 95 years, Gallagher has led with a commitment to sustainability and to support the communities where we live and work.

Gallagher embraces our employees’ diverse identities, experiences and talents, allowing us to better serve our clients and communities. We see inclusion as a conscious commitment and diversity as a vital strength. By embracing diversity in all its forms, we live out The Gallagher Way to its fullest.

Gallagher believes that all persons are entitled to equal employment opportunity and prohibits any form of discrimination by its managers, employees, vendors or customers based on race, color, religion, creed, gender (including pregnancy status), sexual orientation, gender identity (which includes transgender and other gender non-conforming individuals), gender expression, hair expression, marital status, parental status, age, national origin, ancestry, disability, medical condition, genetic information, veteran or military status, citizenship status, or any other characteristic protected (herein referred to as “protected characteristics”) by applicable federal, state, or local laws.

Equal employment opportunity will be extended in all aspects of the employer-employee relationship, including, but not limited to, recruitment, hiring, training, promotion, transfer, demotion, compensation, benefits, layoff, and termination. In addition, Gallagher will make reasonable accommodations to known physical or mental limitations of an otherwise qualified person with a disability, unless the accommodation would impose an undue hardship on the operation of our business.