Principal, Cyber Security: Active Directory Security Architect

2 months ago

Chicago, United States Northern Trust Corp. Full time
Principal, Cyber Security: Active Directory Security Architect

50 South Lasalle Street, Chicago, IL 60603

Job Details

Job type: Full-time

Full Job Description

About Northern Trust:

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889. Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.

We are seeking a highly skilled Active Directory Security Architect with deep expertise in architecting, designing secure, resilient, and compliant Active Directory (AD) and Azure AD environments. As part of the Strategic Security Architecture team, you will focus on the security architecture of hybrid-joined AD environments, multi-tenant Azure AD configurations, and identity governance frameworks. This role is critical to defining and implementing the security strategies that protect our identity infrastructure.

Responsibilities:
  1. Architect secure Active Directory and Azure AD solutions, focusing on hybrid-joined environments where on-premises Active Directory is integrated with cloud services, ensuring security best practices are adhered to.
  2. Design and manage a multi-tenant Azure AD architecture, ensuring that identity and access management (IAM) solutions are secure, scalable, and aligned with organizational policies and regulatory compliance requirements.
  3. Lead the architectural design of identity and access management (IAM) frameworks, focusing on security best practices, including Multi-Factor Authentication (MFA), Single Sign-On (SSO), and conditional access policies.
  4. Define the security architecture for privileged access management (PAM), incorporating Privileged Identity Management (PIM), Just-in-Time (JIT) access, and other security controls to mitigate risks associated with elevated permissions.
  5. Collaborate with cross-functional teams (including IT, security operations, and DevOps) to ensure that the AD and Azure AD environments align with the broader security architecture, supporting zero trust, identity governance, and automation goals.
  6. Develop the strategic roadmap for AD and Azure AD security enhancements, ensuring continuous improvement, scalability, and alignment with evolving cybersecurity threats and organizational growth.
  7. Guide and advise on the security configuration of Group Policy Objects (GPOs), RBAC, and security groups within both on-premises AD and Azure AD environments, without direct responsibility for day-to-day management.
  8. Architect and manage hybrid identity environments that combine on-premises AD with Azure AD, ensuring that authentication, authorization, and identity management are securely handled across both platforms.
  9. Conduct security assessments and threat modeling to identify potential risks within the Active Directory infrastructure and hybrid cloud environments, recommending and driving the implementation of mitigation strategies.
  10. Provide security architecture oversight during the onboarding of new applications and services that leverage AD and Azure AD for authentication and authorization, ensuring compliance with security standards.
  11. Advise on the integration and use of security monitoring tools like Microsoft Defender for Identity and Microsoft Sentinel, ensuring AD and Azure AD-related security events are effectively captured and responded to as part of the broader incident response strategy.
  12. Collaborate on cloud security initiatives, ensuring the secure integration of AD with Azure services and providing guidance on identity governance for multi-tenant Azure AD environments.
  13. Develop architectural standards and documentation that guide the secure deployment and management of both on-premises and cloud-based identity environments.
  14. Stay informed on emerging security threats, trends, and regulatory changes affecting Active Directory, Azure AD, and hybrid identity services, advising leadership on strategic responses to these challenges.
Qualifications:
  1. Extensive experience in Active Directory security architecture, including hybrid identity environments with Azure AD and multi-tenant Azure AD architecture.
  2. Strong knowledge of authentication protocols (e.g., Kerberos, LDAP, OAuth, OpenID Connect, SAML) and expertise in hybrid Active Directory environments that integrate on-premises AD with cloud-based Azure AD.
  3. Experience in designing privileged access management (PAM) frameworks and architecting identity governance solutions, including PIM and JIT access.
  4. Proven ability to develop and document security architecture standards for both AD and Azure AD environments, ensuring consistency and alignment with cybersecurity policies.
  5. Expertise in security risk assessment, threat modeling, and designing mitigation strategies for hybrid identity and cloud environments.
  6. Familiarity with security monitoring tools (e.g., Microsoft Defender for Identity, Microsoft Sentinel) and their role in detecting security incidents within AD and Azure AD environments.
  7. Proficiency in PowerShell scripting is required for automating architectural tasks, creating templates, and supporting automation initiatives.
  8. Microsoft Certified: Identity and Access Administrator Associate or similar certifications are a plus.
  9. Strong communication and leadership skills to work with cross-functional teams, stakeholders, and executive leadership, translating complex security architecture concepts into actionable strategies.
  10. Ability to think strategically and design security architectures that support long-term enterprise goals while addressing immediate cybersecurity challenges.
Working with Us:

As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve Join a workplace with a greater purpose. We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies Build your career with us and apply today. #MadeForGreater

Reasonable Accommodation:

Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center.

#J-18808-Ljbffr

  • Principal, Cyber Security: Active Directory Security Architect

    2 months ago

    Chicago, United States Northern Trust Full time

    About Northern Trust:Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring...

  • Principal, Cyber Security: Active Directory Security Architect

    2 weeks ago

    Chicago, United States Northern Trust Full time

    About Northern Trust:Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring...

  • Cyber Security Architect

    3 weeks ago

    Chicago, United States S&C Electric Company Full time

    We are seeking a Product Cyber Security Architect to champion information security for S&C‘s cyber security vision for product development to include embedded IOT devices as well as, cloud-based, desktop and mobile applications. The skillset requires a technical understanding of cyber security best practices, implementation with the ability to clearly...

  • Cyber Security Architect

    4 weeks ago

    Chicago, Illinois, United States Northern Trust Full time

    About the RoleWe are seeking a highly skilled Cyber Security Architect to join our Strategic Security Architecture team. The successful candidate will have deep expertise in architecting secure, resilient, and compliant Active Directory (AD) and Azure AD environments.Key ResponsibilitiesArchitect secure AD and Azure AD solutions, focusing on hybrid-joined...

  • Cyber Security Specialist

    4 days ago

    Chicago, Illinois, United States Keeper Security, Inc. Full time

    Job DescriptionWe are looking for a talented Revenue Growth Manager to join our team at Keeper Security, Inc. As a key member of our sales team, you will be responsible for driving revenue growth through existing customer relationships and identifying new business opportunities.About the RoleThe successful candidate will have a proven track record of success...

  • Information Security Operations Manager

    1 week ago

    Chicago, Illinois, United States Iceberg Cyber Security Full time

    We are seeking a seasoned Information Security Operations Manager to lead our Security operations team at Iceberg Cyber Security. The annual salary range for this position is $160,000 - $240,000.In this critical role, you will oversee the day-to-day activities of our Security operations team, ensuring that all security-related tasks are completed efficiently...

  • Active Directory Security Engineer

    4 days ago

    Chicago, Illinois, United States Hispanic Technology Executive Council Full time

    Job Description:The Hispanic Technology Executive Council seeks an experienced Active Directory Security Engineer to join our team. As a key member of our Global Information Security (GIS) department, you will be responsible for ensuring the security and integrity of our bank's information systems.About the Role:We are looking for a highly skilled individual...

  • Cyber Security Analyst

    3 days ago

    Chicago, United States Request Technology, LLC Full time

    ***Hybrid, 3 days onsite, 2 days remote******We are unable to sponsor as this is a permanent full-time role***A prestigious company is looking for an Associate Principal, Cyber Defense. This role is focused on threat intelligence, incident response, security alerts, events analysis, network traffic, etc. Responsibilities:Monitor security alerts and events...

  • Entra ID Architect

    1 month ago

    Chicago, United States Hexaware Technologies Full time

    What Working at Hexaware offers:Hexaware is a dynamic and innovative IT organization committed to delivering cutting-edge solutions to our clients worldwide. We pride ourselves on fostering a collaborative and inclusive work environment where every team member is valued and empowered to succeed.Hexaware provides access to a vast array of tools that enhance,...

  • Entra ID Architect

    3 days ago

    Chicago, United States Hexaware Technologies Full time

    What Working at Hexaware offers:Hexaware is a dynamic and innovative IT organization committed to delivering cutting-edge solutions to our clients worldwide. We pride ourselves on fostering a collaborative and inclusive work environment where every team member is valued and empowered to succeed.Hexaware provides access to a vast array of tools that enhance,...

  • Cyber Security Network Architect

    2 weeks ago

    Chicago, Illinois, United States Nielsen Consumer LLC Full time

    Cyber Security Network ArchitectEst. Salary: $120,000 - $180,000/yearNielsen Consumer LLC is seeking a highly skilled Cyber Security Network Architect to maintain and operate current network security technologies while implementing more sophisticated means of visibility and control of network traffic.We are looking for someone with hands-on experience with...

  • Active Directory Security Specialist

    1 week ago

    Chicago, Illinois, United States Bank of America Full time

    Job Description:In this role, you will be responsible for ensuring the security of Active Directory environments. The estimated salary range for this position is $120,000 - $180,000 per year, depending on location and experience.About Bank of AmericaBank of America is a leading financial institution dedicated to helping individuals and businesses achieve...

  • Global Security Incident Analyst

    1 week ago

    Chicago, Illinois, United States Iceberg Cyber Security Full time

    We're excited to announce an opening for a Global Security Incident Analyst at Iceberg Cyber Security!This role is perfect for a technical security analyst who thrives in a fast-paced technology environment. As a key member of our security operations team, you'll be responsible for performing triage of global security alerts from various sources, analyzing...

  • Information Security Operations Specialist

    1 week ago

    Chicago, Illinois, United States Iceberg Cyber Security Full time

    Iceberg Cyber Security is seeking an Information Security Operations Specialist to join our team. This position offers a competitive salary of around $90,000 to $125,000 per year.In this role, you will be responsible for analyzing security alerts to identify and respond to incidents, managing internal support tickets, and creating threat detections. You will...

  • Iceberg Cyber Security | Security Operations Engineer | chicago, il

    4 weeks ago

    chicago, United States Iceberg Cyber Security Full time

    Security Operations Analyst *US Citizens or Green card holders only* Reporting to the SOC Team Lead, we are supporting a global financial organization in Chicago looking to hire a Security Analyst who loves problem solving, has a curious mindset and has the ability to pick up new technology quickly. The role involves performing triage of global security...

  • Iceberg Cyber Security | Security Operations Engineer | chicago, il

    4 weeks ago

    chicago, United States Iceberg Cyber Security Full time

    Security Operations Analyst *US Citizens or Green card holders only* Reporting to the SOC Team Lead, we are supporting a global financial organization in Chicago looking to hire a Security Analyst who loves problem solving, has a curious mindset and has the ability to pick up new technology quickly. The role involves performing triage of global security...

  • Cloud Security Architect

    2 weeks ago

    Chicago, Illinois, United States Illumio Full time

    Secure the Future with IllumioIllumio, a pioneer in Zero Trust segmentation, empowers organizations to prevent breaches from becoming cyber disasters. As a Principal Solution Architect at Illumio, you will play a pivotal role in designing secure, scalable, and resilient architectures that protect critical applications and valuable digital assets.The...

  • Cloud Security Architect

    4 days ago

    Chicago, Illinois, United States Georgia IT Inc Full time

    Job Title: Cloud Security ArchitectSalary Range: $120,000 - $180,000 per yearAbout Us: Georgia IT Inc is a leading provider of cybersecurity solutions. We are seeking a highly skilled Cloud Security Architect to join our team.Job Description:Design and implement cloud security technologies to protect client data and applications.Review existing cloud...

  • Hexaware Technologies | Entra ID Architect

    1 month ago

    chicago, United States Hexaware Technologies Full time

    What Working at Hexaware offers:Hexaware is a dynamic and innovative IT organization committed to delivering cutting-edge solutions to our clients worldwide. We pride ourselves on fostering a collaborative and inclusive work environment where every team member is valued and empowered to succeed.Hexaware provides access to a vast array of tools that enhance,...

  • Hexaware Technologies | Entra ID Architect

    1 month ago

    chicago, United States Hexaware Technologies Full time

    What Working at Hexaware offers:Hexaware is a dynamic and innovative IT organization committed to delivering cutting-edge solutions to our clients worldwide. We pride ourselves on fostering a collaborative and inclusive work environment where every team member is valued and empowered to succeed.Hexaware provides access to a vast array of tools that enhance,...