Principal Cyber Security Directory Security Architect

2 weeks ago


Chicago, United States Northern Trust Asset Management Full time

Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.

Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.

We are seeking a highly skilled Active Directory Security Architect with deep expertise in architecting and designing secure, resilient, and compliant Active Directory (AD) and Azure AD environments. As part of the Strategic Security Architecture team, you will focus on the security architecture of hybrid-joined AD environments, multi-tenant Azure AD configurations, and identity governance frameworks. This role is critical to defining and implementing the security strategies that protect our identity infrastructure.

Responsibilities:

  1. Architect secure Active Directory and Azure AD solutions, focusing on hybrid-joined environments where on-premises Active Directory is integrated with cloud services, ensuring security best practices are adhered to.
  2. Design and manage a multi-tenant Azure AD architecture, ensuring that identity and access management (IAM) solutions are secure, scalable, and aligned with organizational policies and regulatory compliance requirements.
  3. Lead the architectural design of identity and access management (IAM) frameworks, focusing on security best practices, including Multi-Factor Authentication (MFA), Single Sign-On (SSO), and conditional access policies.
  4. Define the security architecture for privileged access management (PAM), incorporating Privileged Identity Management (PIM), Just-in-Time (JIT) access, and other security controls to mitigate risks associated with elevated permissions.
  5. Collaborate with cross-functional teams (including IT, security operations, and DevOps) to ensure that the AD and Azure AD environments align with the broader security architecture, supporting zero trust, identity governance, and automation goals.
  6. Develop the strategic roadmap for AD and Azure AD security enhancements, ensuring continuous improvement, scalability, and alignment with evolving cybersecurity threats and organizational growth.
  7. Guide and advise on the security configuration of Group Policy Objects (GPOs), RBAC, and security groups within both on-premises AD and Azure AD environments, without direct responsibility for day-to-day management.
  8. Architect and manage hybrid identity environments that combine on-premises AD with Azure AD, ensuring that authentication, authorization, and identity management are securely handled across both platforms.
  9. Conduct security assessments and threat modeling to identify potential risks within the Active Directory infrastructure and hybrid cloud environments, recommending and driving the implementation of mitigation strategies.
  10. Provide security architecture oversight during the onboarding of new applications and services that leverage AD and Azure AD for authentication and authorization, ensuring compliance with security standards.
  11. Advise on the integration and use of security monitoring tools like Microsoft Defender for Identity and Microsoft Sentinel, ensuring AD and Azure AD-related security events are effectively captured and responded to as part of the broader incident response strategy.
  12. Collaborate on cloud security initiatives, ensuring the secure integration of AD with Azure services and providing guidance on identity governance for multi-tenant Azure AD environments.
  13. Develop architectural standards and documentation that guide the secure deployment and management of both on-premises and cloud-based identity environments.
  14. Stay informed on emerging security threats, trends, and regulatory changes affecting Active Directory, Azure AD, and hybrid identity services, advising leadership on strategic responses to these challenges.

Qualifications:

  1. Extensive experience in Active Directory security architecture, including hybrid identity environments with Azure AD and multi-tenant Azure AD architecture.
  2. Strong knowledge of authentication protocols (e.g., Kerberos, LDAP, OAuth, OpenID Connect, SAML) and expertise in hybrid Active Directory environments that integrate on-premises AD with cloud-based Azure AD.
  3. Experience in designing privileged access management (PAM) frameworks and architecting identity governance solutions, including PIM and JIT access.
  4. Proven ability to develop and document security architecture standards for both AD and Azure AD environments, ensuring consistency and alignment with cybersecurity policies.
  5. Expertise in security risk assessment, threat modeling, and designing mitigation strategies for hybrid identity and cloud environments.
  6. Familiarity with security monitoring tools (e.g., Microsoft Defender for Identity, Microsoft Sentinel) and their role in detecting security incidents within AD and Azure AD environments.
  7. Proficiency in PowerShell scripting is required for automating architectural tasks, creating templates, and supporting automation initiatives.
  8. Microsoft Certified: Identity and Access Administrator Associate or similar certifications are a plus.
  9. Strong communication and leadership skills to work with cross-functional teams, stakeholders, and executive leadership, translating complex security architecture concepts into actionable strategies.
  10. Ability to think strategically and design security architectures that support long-term enterprise goals while addressing immediate cybersecurity challenges.

Working with Us:

As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas. Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve. Join a workplace with a greater purpose. We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies. Build your career with us and apply today. #MadeForGreater

Reasonable Accommodation: Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.
