Mercury Insurance logo
Mercury Insurance

Founded in 1961, Mercury Insurance helps consumers create their ideal insurance policies and specializes in automobile, home, condo, renters, and business insur

Senior AI Information Security Architect

Location

United States

Posted

51 days ago

Salary

$128.1K - $252.2K / year

Seniority

Senior

Bachelor Degree20 yrs expEnglishDNSJavaSwitchingTCP/IPUnix

Job Description

Senior AI Information Security Architect

Mercury Insurance

• Be accountable as an information security architect for supporting the information security program within IT and business initiatives. • Provide Information Security subject matter expertise and security consulting to IT projects and initiatives using information security standards, best practices and approaches, with an emphasis on application security. • Develop Information Security requirements across the enterprise for data protection, network protection, and application protection and compliance with regulatory requirements for protection of information. • Conduct threat analysis for systems or applications including analysis of current and known security exposures, planning for remediation of exposures, staged and planned penetration testing, vulnerability assessment and analysis of results. • Conduct research on best practices, emerging technologies and threats as it relates to Information Security. • Act as subject matter expert on security related control testing, control remediation and incident response.

Job Requirements

  • Bachelor of Science Degree in Information Technology or equivalent professional experience
  • Preferred: CISSP certification or equivalent is highly desirable
  • SANS certifications or equivalent are desirable
  • CISA or additional security certifications are desirable
  • Must have a minimum of 18 - 20 years of work experience in multiple fields of Information Technology with an emphasis on Information Security.
  • At least 12 years of this experience should be directly in the Information Security field.
  • Leadership experience is a must; management experience is a plus.
  • Experience in a leadership / Incident Commander role in security Incident Response processes.
  • Extensive knowledge of Security Policy, Standards, Guidelines, and Process Development.
  • Detailed knowledge of secure architectures and their design.
  • Detailed knowledge of web application development (Java, .Net, Secure configurations).
  • Working experience and ability to conduct application / system Penetration Testing / OWASP using industry standard tools.
  • Working experience collaborating with development teams to understand and remediate application security vulnerabilities.
  • Working experience and ability to conduct network vulnerability testing and remediation.
  • Working experience and ability to conduct Threat Analysis.
  • Strong knowledge of Virus, Worms and Other Malware (Prevention/Detection) and Incident Response.
  • Strong knowledge of Encryption / Tokenization / Key Management.
  • Strong knowledge of access control technologies.
  • Working knowledge of Intrusion Detection, Firewall Monitoring, System Monitoring.
  • Excellent knowledge of Operating systems and platforms (UNIX, Windows, Virtualization, Secure configurations).
  • Working knowledge of network security (Routing, switching, TCP/IP, DNS, Architecture, WLAN).
  • Working knowledge of state privacy laws and the PCI DSS.
  • Ability to work with all levels of personnel within the IT department and departments external to IT, in a dynamic and challenging environment.
  • Must consistently maintain a professional demeanor/attitude with all levels of management, employees, customers, and vendors to accomplish organizational goals; take action that respects the needs and contributions of others; take responsibility for actively participating and contributing to team efforts; acts as team facilitator when appropriate.
  • Ability to communicate complicated concepts to both management and technical staff and thrive in a cross-functional matrix environment.
  • Must be self-motivated and capable of working with minimal supervision and/or direction, and proactively manages their own workload.
  • Must be accountable and take direction from supervisor, follow work rules, and keep required work schedules, which include regular and predictable job attendance.
  • Well-balanced interpersonal skills are required.

Benefits

  • Competitive compensation
  • Flexibility to work from anywhere in the United States for most positions
  • Paid time off (vacation time, sick time, 9 paid Company holidays, volunteer hours)
  • Incentive bonus programs (potential for holiday bonus, referral bonus, and performance-based bonus)
  • Medical, dental, vision, life, and pet insurance
  • 401 (k) retirement savings plan with company match
  • Engaging work environment
  • Promotional opportunities
  • Education assistance
  • Professional and personal development opportunities
  • Company recognition program
  • Health and wellbeing resources, including free mental wellbeing therapy/coaching sessions, child and eldercare resources, and more

Related Categories

Related Job Pages

More Security Engineer Jobs

Full TimeRemoteTeam 51-200H1B No Sponsor

• Du entwickelst unsere AWS-Infrastruktur weiter und sorgst für einen stabilen, skalierbaren und sicheren Betrieb, natürlich mit Fokus auf Security. • Du betreust unsere SIEM-Lösung in Elastic, integrierst die anderen Teams und hältst diese am Laufen. • Bei Architekturentscheidungen und der Einführung neuer Projekte bist du von Anfang an dabei und bringst deine Ideen ein. • Du führst eigene Security Assessments oder PenTests durch und koordinierst unseren Fachpartner bei der Durchführung. • Du arbeitest eng mit Entwicklerteams, Architekten und Fachbereichen zusammen auf Augenhöhe und im direkten Austausch. • Du baust, dokumentierst, testest und bringst Dinge zum Laufen.

Germany
GuidePoint Security logo

Senior Technical Data Security Architect

GuidePoint Security

We help organizations make smarter cybersecurity decisions that minimize risk.

Full TimeRemoteTeam 201-500H1B Sponsor

• Design and maintain end-to-end data security architecture across Microsoft Azure, Microsoft Fabric, Azure Synapse Analytics, Azure Data Lake Storage (ADLS Gen2), and Databricks Lakehouse Platform. • Define and enforce enterprise data classification, labeling, and handling standards aligned with Microsoft Purview Information Protection. • Develop reference architectures and security blueprints for data ingestion, transformation, storage, and consumption layers. • Lead threat modeling sessions for data pipelines and analytics workloads, identifying and mitigating risks proactively. • Establish a Zero Trust data security model across all data platforms and integration points. • Architect and govern data security controls within Microsoft Fabric, including workspace-level and item-level permissions, sensitivity labels, and OneLake security. • Design role-based access control (RBAC) and attribute-based access control (ABAC) strategies across Azure Data Factory, Azure Synapse, Azure Databricks, and Azure SQL. • Implement and operationalize Microsoft Purview for data catalog governance, data lineage, and automated sensitivity classification across hybrid and multi-cloud data estates. • Configure and manage Azure Private Endpoints, VNet integration, and network security groups for data services to eliminate public exposure. • Oversee encryption strategies including Azure Key Vault integration, customer-managed keys (CMK), and data-at-rest / data-in-transit encryption standards. • Partner with identity teams to enforce Entra ID Conditional Access policies, Privileged Identity Management (PIM), and managed identities for data service authentication. • Lead the implementation and tuning of Microsoft Defender for Cloud data security posture management (DSPM) capabilities. • Architect and implement Unity Catalog as the enterprise-wide data governance layer across Databricks workspaces, including metastore design, catalog/schema/table-level permissions, and row/column-level security. • Design Databricks workspace security including network isolation (no-public-IP, vNet injection, private link), cluster policies, and IP access lists. • Define and enforce Databricks credential passthrough, service principal governance, and OAuth integration with Azure Entra ID. • Implement dynamic data masking and column-level security policies within Unity Catalog to protect PII, PHI, and sensitive financial data. • Establish Delta Lake security patterns including table ACLs, fine-grained access control, and audit logging strategies via Databricks system tables. • Oversee the security of Databricks workflows, notebooks, and job clusters, including secrets management integration with Azure Key Vault-backed secret scopes. • Conduct security reviews of MLflow models and Feature Store configurations to address data leakage risks in ML pipelines. • Ensure data platform compliance with relevant regulatory frameworks including GDPR, CCPA, HIPAA, SOC 2 Type II, and PCI-DSS where applicable. • Design and maintain audit trail and data access logging architectures across Microsoft and Databricks platforms. • Conduct regular security risk assessments, gap analyses, and maturity evaluations of the data security program. • Develop and maintain security runbooks, policies, and standards documentation for data platform operations. • Coordinate with legal, compliance, and privacy teams to respond to data subject access requests (DSARs) and regulatory inquiries. • Serve as the primary security advisor to data engineering, analytics engineering, and BI teams throughout the development lifecycle. • Lead security architecture review boards for new data initiatives, third-party data integrations, and major platform changes. • Develop and lead a structured mentoring program for junior and mid-level engineers and architects, providing one-on-one coaching, career guidance, and skills development roadmaps tailored to each individual’s growth goals. • Conduct regular knowledge-sharing sessions, lunch-and-learns, and internal workshops to upskill teams on evolving data security threats, tooling, and compliance requirements across the Microsoft and Databricks ecosystems. • Partner with engineering managers and HR to define data security competency frameworks, leveling guides, and certification pathways that support talent development and retention across the data platform organization. • Establish and maintain a community of practice around data security, fostering peer learning, documentation culture, and cross-team collaboration on shared security challenges and architectural patterns. • Collaborate with SecOps and SOC teams to build data-specific detection rules, incident response playbooks, and forensic investigation capabilities. • Present security posture, risk findings, and remediation roadmaps to executive leadership and board-level stakeholders.

California
Full TimeRemoteTeam 10,001+H1B Sponsor

• Lead and develop the Security Architecture & Assurance team, setting direction, priorities, and operating standards • Ensure high-quality delivery across architecture reviews, assurance activities, and risk assessments • Build capability across cloud security, application security, and assurance methodologies • Act as the escalation point for complex or high-risk security decisions • Define and enforce secure architecture standards, reference patterns, and mandatory security controls • Review and approve security-relevant designs and major technical changes • Embed security throughout delivery lifecycles rather than as a late-stage control gate • Develop and maintain security standards, architecture principles, and governance frameworks • Drive consistent, risk-aware decision-making and remediation tracking • Identify and assess security risks early within design and delivery processes • Provide pragmatic mitigation strategies balancing security, resilience, cost, and delivery priorities

United Kingdom
Job Closed
Label Your Data – Data Annotation & Labeling logo

Head of Security

Label Your Data – Data Annotation & Labeling

Data annotation & labeling for Computer Vision, NLP & LLMs. Bringing high quality performance for ML teams & datasets.

Full TimeRemoteTeam 201-500Since 2020H1B No Sponsor

• Build and develop the company’s security function from the ground up; • Define and implement security processes, policies, and operational standards; • Partner with the group-level security department while establishing independent security ownership within Label Your Data; • Participate in security audits, client security reviews, DPA processes, questionnaires, and compliance-related activities; • Establish and improve access management and security monitoring practices; • Participate in infrastructure and application security initiatives together with technical teams; • Oversee and improve the company’s security stack (EDR, SIEM, VPN/ZTNA, DLP, NGFW, etc.); • Investigate security gaps, operational weaknesses, and incident-related risks; • Validate technical solutions from a security perspective; • Create SOPs, internal security procedures, and operational frameworks; • Own security-related documentation and internal processes; • Shape the future security team, starting with Security Operations / Application Security; • Contribute to long-term security strategy and overall security maturity growth of the company.

Ukraine