Security Architect & Operations Lead

We have an exciting opportunity for a Security Architect & Operations Lead based out of our corporate office in Bloomington, MN.  The Security Architect & Operations Lead guides a team of engineers, analysts, and key partners to design, implement and operate enterprise-wide, scalable security strategies and solutions, ensuring alignment with business objectives and regulatory requirements while driving innovation and continuous improvement. The position requires strong leadership, hands on technical expertise, and cross-functional collaboration to protect the organization.  This role will serve as a technology owner / subject matter expert for Security protection, incident management, security solutions, and related controls, processes, and policies.  The individual will lead the efforts to review and improve our security posture and operational services related to applications, servers, and endpoints, for both on premise and cloud technologies.  They will also be a mentor and technical resource to IT functional areas, sharing the overall responsibility for securing our systems, day-to-day maintenance and support of the company’s global infrastructure.Key Accountabilities Include:Security Engineering & Operations Develop, communicate, and execute security strategies for Cybersecurity defense, protection, detection, response, and recoveryDesign, build, deploy and/or operate security solutions to help scale the security program and assist with buildout and management of an overall Security RoadmapBuild strong stakeholder partnerships across technical and non-technical teamsServe as a key security liaison and SME consultant, embedding secure design principles, control framework practices into cross-functional initiatives, projects, and enterprise transformations.Develop and maintain security reference architectures, standards, and roadmaps for infrastructure, applications, cloud, and enterprise systems.Ensure alignment with enterprise identity strategies and access control frameworks to support secure, scalable, and compliant solutions.Assess potential risks with existing and new infrastructure, applications, products and processes, and ensure security is appropriately considered and integratedPerform structured security risk assessments/tests to identify, prioritize, and provide recommendations or solutions for issues foundProvide security requirements and recommend secure practices, threat modeling, and integration of security tools (e.g., SAST, DAST, SIEM) into development pipelines and cloud environmentsMaintain deep knowledge of security principles, frameworks (NIST and regulatory landscapes (PCI, SOX, SOC2).Research and understand emerging information security threats and their impact on the business environmentRecommend new information security systems and controls to mitigate emerging threats and risks across the companyAutomate security controls using tools and scripting, where possibleEnsure foundational security technologies and controls are in place and drive continuous improvement, including identity and access management, endpoint protection, vulnerability management, application security, cloud, data protection, logging and monitoring, and incident responseSupport and drive utilization of Security monitoring and alerting solutions and key managed security services partnersManage relationships with third-party security vendors and improve current security technologiesMaintain technical documentation for solutions and standard operating procedures such that services are delivered in an efficient and effective mannerSupport and maintenance of IT security components and working to ensure conformity to the standards of operation for the Information Technology Department.Key escalation for incidents and Incident Triage Team Lead backup.  This may require response to and coordination of incidents occurring during evening hours and on weekends.  Efforts should include follow-up activities to prevent recurrence of incident using NIST CSF Incident Response practicesDevelop, test, and execute Information Security policy requirements and procedures, including incident response plans, playbooks, and SOPAssist with data security, and disaster recovery plansService Development and LeadershipContinually look to improve and refine the Security and infrastructure services delivered to the business, globallyHelp define and meet SLA requirements and best practices for security components and servicesContribute deep technical skills, and industry experience and best practices to the rest of the team, driving changeMaintain knowledge of emerging technologyTechnical Lead/Supervisor for high-performing security team, participating in hiring, training, performance management, and career development while developing and tracking metrics to measure security posture and report progress to leadership.Communication & CollaborationCommunicate effectively, verbally and in writing with people at all organizational levelsWork in a team environment making positive contributions to the organizationEstablish and maintain effective relationships with staff members, customers, and vendorsOther duties as assigned or requiredThe US national base salary range for this position is $128,841 - $161,052. This position is also eligible for a bonus. The base salary range displayed reflects the targeted hiring range for positions across all US locations. Individual pay is determined by job-related skills, work location and relevant education or experience.