Sr. Director - IT Security Architecture - REMOTE

Sr. Director - IT Security Architecture - REMOTE

Base pay range: $/yr - $/yr

Additional compensation types:
Annual Bonus

This role will lead the end-to-end design and implementation of enterprise-wide information security architecture, driving technical and architectural best practices for current and future cybersecurity initiatives. Reporting to the VP and CISO, the Senior Director will oversee a team of security architects and engineers responsible for evaluating and recommending solutions aligned with CNO’s cyber strategy—covering cloud, data, AI, and technology blueprints across all business units.

Beyond shaping cybersecurity and IT strategy, this position will collaborate with business leaders to influence sound business strategy related to technology and data. The role also includes managing critical relationships with external service providers (currently Cognizant) to achieve security goals and objectives. As a key contributor to CNO’s cybersecurity governance processes, the Sr. Director will serve on the CNO Cybersecurity Steering Committee, present recommendations to the Enterprise Risk Management Committee, and, when necessary, partner with the CISO to brief the Audit and Enterprise Risk Committee of CNO’s Board of Directors.

• Overseeing, developing and communicating a business first, risk-based and data-driven security architecture strategy and roadmap, solutions, and capabilities for CNO’s cybersecurity program
• Providing expert direction in defining and managing CNO enterprise security strategy and architecture for security services and infrastructure, while considering potential risks in the organization’s current technology deployments, to build a successful and strong enterprise security posture
• Analyzing and selecting alternatives based on threat, risk, desirability, feasibility, and viability
• Reviewing and approving implementation of emerging security technologies and latest regulatory and compliance requirements for security policies, operational standards and security control framework to enhance operational services
• Leading remediation activities or projects within the organization and collaborating with impacted business functions; providing inputs into the end-to-end project deliveries to enforce approved security architecture implementation standards, procedures and methodologies
• Providing expert insight to various enterprise stakeholders to keep them aware of cybersecurity risks or trends, and gaining support for any necessary changes or enhancements
• Leading results analysis of information technology audits and vulnerability reviews, including penetration tests and security design reviews of network infrastructure and applications
• Interfacing with all levels within IT, up to and including the CIO. Will also have business stakeholder interactions and visibility up to and including the Senior Leadership Group and the Executive Leadership Group.
• Direct participation within governance committees – Audit and Enterprise Risk Committee, Enterprise Risk Management Committee, and Cyber Security Steering Committee, etc.
• Recruiting, motivating, mentoring, and leading critical cybersecurity talent, including security architects and engineers, focusing especially on maintaining healthy succession planning activities

• Have extensive know-how of security technology including, but not limited to, authentication, security protocols, cloud security, and AI/ML
• Are knowledgeable about legal and regulatory matters in the context of cybersecurity
• Have a strong ability to work with a global managed service provider to achieve cyber goals
• Possess a deep understanding of enterprise architecture and security frameworks like TOGAF, NIST, CIS, etc.
• Have a strong understanding of Dev Ops/Dev Sec Ops
• Are knowledgeable about the business principles of secure system design and experienced in modern design techniques
• Ability to write, develop, and maintain technical documentation, including reference architecture and implementation plans
• Experience in the implementation of cyber solutions and standard methodologies

• Bachelor’s degree in Computer Science, Information…