At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.
As a member of the Enterprise Information Risk & Cybersecurity (EIRC) Threat Modeling and Security Strategy team, you’ll be responsible for providing security mentorship and solutions that protect the organization, while enabling business. The engineer will work closely with enterprise partners, including but not limited to security architecture and operations, IT infrastructure, application development, enterprise architecture, and audit.
The ideal candidate will have technical knowledge covering a broad range of security technologies and platforms, as well as familiarity with various threat modeling frameworks.
The security engineer aids in assessing current state of various security domains and is able to be forward thinking and proactively suggest efficient security solutions. The engineer is encouraged to think like an adversary and identify how solutions should evolve as the threat landscape changes. The architect should possess strong communication and organizational skills and interact well within the team structure and across varying levels of the organization.
What you’ll do:
- Threat Modeling, using known frameworks (NIST data-centric threat modeling, STRIDE, etc.)
- Project and research work as needed
- Gap analysis of security domains based on industry standard processes for information security
- Development of security guidance documentation
What we’re looking for:
- BA/BS in computer science, cybersecurity, information security, related field, or equivalent work experience
- Ability to creatively problem solve and deliver effective results and tangible outcomes
- Demonstrated knowledge of threat modeling frameworks and methodologies
- Passionate about information security
- Demonstrated knowledge of/experience with network architecture, IT perimeter design, application architecture and design, common authentication protocols and frameworks, industry standard frameworks (NIST, ISO), cloud architectures, networking protocols, incident response processes, email security, and cryptography.
- Demonstrated knowledge of common adversary tactics, techniques, and procedures (TTPs) (MITRE ATT&CK framework), Cyber Kill Chain, and other relevant cybersecurity frameworks.
- Must be highly collaborative, able to optimally interact and communicate with peers, management and leadership teams of varying technical levels, and act with when security challenges or requirements arise.
- 3-6 years of experience
- Information security certifications (CISSP, SANS GIAC, etc.)
- Highly competitive compensation, including annual bonus opportunities
- Medical/Dental/Vision plans, pension program
- Tuition reimbursement, commuter plans, and paid time off
- Extensive Professional Training Opportunities
- Excellent Work/Life Balance
- Hackathons/Dedication to Innovation
If you feel comfortable carrying out the job responsibilities, even if your qualifications don’t exactly match our list here, we encourage you to apply!
Grow your career with a best-in-class company that puts our client’s interests at the center of all we do. Get started now!
W e are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.
If you work or would be working in Colorado or outside of a Corporate location, please click here for information pertaining to compensation and benefits.
FIND YOUR FUTURE
We’re excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and commitment to diversity and inclusion.
Flexible work schedules
Employee resource groups