Enterprise Security Architect

Our Story:
Crisis Prevention Institute Inc. is the worldwide leader in evidence-based de-escalation and crisis prevention training, and dementia care services. Since 1980, we’ve helped train more than 15 million people within service-oriented industries including education, healthcare, behavioral health, long-term care, human services, security, corrections, corporate, and retail.

At CPI, we are dedicated to changing behaviors and reducing conflict for the Care, Welfare, Safety, and Security^SM of everyone. We believe in the power of empathy, compassion, and meaningful connections. We believe personal safety and security are the antidotes to fear and anxiety. It’s a philosophy that is central to everything we do, and traces back to our beginning. It is what defines and differentiates us, and informs our core beliefs.

The Role:

The Enterprise Security Architect will design, implement, and maintain our security architecture while developing, reviewing, and guiding information security solutions across all business units, collaborating with stakeholders and teams throughout the organization. This role is responsible for guiding information security controls into business and technology processes, overseeing threat modeling products and services, identifying and remediating risks for externally sourced and internally developed software, and partnering with development teams to implement secure software development practices.

What You Get To Do Everyday:

• Plan, research, and design comprehensive security architecture for enterprise Technology Services systems, aligning with business strategies and requirements.
• Define security (functional and non-functional) requirements aligned with business objectives.
• Work with stakeholders to select, evaluate, design, and document enterprise security solutions.
• Support the development of security standards, reference architectures, patterns, and guidelines for consistent security posture.
• Assess the effectiveness of security controls (data protection, identity and access management (IAM), detective controls, infrastructure/network security, incident response) and drive implementation of appropriate controls, processes, and remediation of non-compliance.
• Research and advocate new technologies, architectures, and security products to enhance the organization's security maturity roadmap.
• Act as a subject matter expert for security design, configurations, baselines, and technical standards.
• Stay informed about emerging security practices and standards.
• Respond to and investigate security incidents, providing thorough post-event analyses.
• Verify security systems through the development and implementation of test scripts.
• Conduct regular security testing, monitoring, and implements necessary enhancements to maintain a strong security posture.
• Collaborate with senior leadership to define security requirements, effectively communicate results, and assess security risks.
• Enhance the Security team's capabilities of delivering solutions and answering technical questions.
• Perform other position-related duties as assigned.

You Need to Have:

• Bachelor’s degree in computer science, technology services, or a related field
• Seven years or more of work experience designing and building enterprise-level security architecture and engineering environments
• Experience working with cloud security architectures (Azure, AWS)
• Experience working with advanced security controls and technologies (e.g., SIEM, CASB, Data Loss Prevention (DLP))
• Experience integrating security throughout the software development lifecycle (SDLC).
• Experience with secure architecture principles, secure SDLC, and security device management (installation, configuration, troubleshooting)
• Experience working with and resolving network attacks, phishing, spam email, encryption, authentication, logging and log analysis, and device reputation
• Experience securing application programming interfaces (APIs) to prevent unauthorized access and data breaches
• Experience designing architectural reference materials
• Experience working with incident response planning and execution
• Experience working with security testing (scanning, pen testing, blue/red team activities)
• Experience working with common industry standards (ISO27001/2, NIST, COBIT, CIS) and regulatory standards (SOX, PCI, GDPR, CCPA)
• Experience conducting security risk assessments, business impact analysis (BIA), and business continuity planning (BCP)
• Experience working in technology rationalization, assessments, and strategy development within cybersecurity contexts
• Experience identifying security weaknesses and recommending remediation using industry best practices
• Experience building test environments to simulate real-world security situations
• Experience securing cloud containers and serverless functions
• Experience working with Secure Access Service Edge (SASE)
• Experience working with Identity Governance and Administration (IGA).
• Experience implementing Zero Trust security
• Knowledge of the latest cybersecurity threats and defense mechanisms
• Knowledge of data security techniques and best practices for protecting data at rest, in transit, and in use
• Knowledge of IAM, access control models, authentication methods, and authorization principles
• Knowledge of application security, including secure coding practices, vulnerability assessments, and penetration testing methodologies
• Knowledge of encryption algorithms, key management practices, and data protection
• Certified information systems security professional (CISSP) certification
• Certified Information Security Manager (CISM) certification
• Certified ethical hacker (CEH) certification
• Ability to influence and negotiate with senior stakeholders
• Ability to align security strategy with business objectives
• Highly collaborative, capable of interacting and communicating effectively with peers, management, and leadership teams of varying technical levels, and acting with urgency in response to security challenges or requirements
• Strong analytical skills, with attention to detail
• Advanced technical writing skills and the ability to lead and communicate effectively within an enterprise environment
• Exceptional written and verbal communication skills
• Well-developed interpersonal skills, negotiation, writing, speaking, and listening skills
• Strong business acumen and strategic thinking ability

We'd Love to See:

• Experience mentoring and leading security teams
• Experience managing the budget for a security team
• Experience working with python and scripting languages
• Knowledge of current and emerging security threats

What We Offer:

• $135,000 - $145,000 annual salary
• Annual company performance bonus
• Comprehensive benefits package
• 401k
• PTO
• Health & Wellness Days
• Paid Volunteer Time Off
• Continuing education and training
• Hybrid work schedule

Crisis Prevention Institute is an Equal Opportunity Employer that does not discriminate against any applicant or employee on the basis of age, race, color, ethnicity, national origin, citizenship, religion, diversity of thoughts and beliefs, creed, sex, sexual orientation, gender, gender identity, or expression (including against any individual that is transitioning, has transitioned, or is perceived to be transitioning), marital status or civil partnership/union status, physical or mental disability, medical condition, pregnancy, childbirth, genetic information, military and veteran status, or any other basis prohibited by applicable federal, state, or local law. The Company will consider for employment qualified applicants with criminal histories in a manner consistent with local and federal requirements. Our management team is dedicated to this policy with respect to recruitment, hiring, placement, promotion, transfer, training, compensation, benefits, employee activities, and general treatment during employment.