At MFS, you will find a culture that supports you in doing what you do best. Our employees work together to reach better outcomes, favoring the strongest idea over the strongest individual. We put people first and demonstrate care and compassion for our community and each other. Because what we do matters - to us as valued professionals and to the millions of people and institutions who rely on us to help them build more secure and prosperous futures.What you will be responsible for:
The Security Architect is a subject matter expert in Information Security and is responsible for the design, implementation, and effective and efficient maintenance of related technologies. Additionally, this individual has broad and expert knowledge of Information Technology at large, with a firm understanding of related disciplines and how they interoperate. The Security Architect is responsible for leading design, implementation, and troubleshooting efforts and is directly accountable for the results. The Security Architect's deep and broad knowledge enables a holistic understanding of the technology environment.
- Serves as key subject matter expert in the field of Information Security, maintaining a deep understanding of the field and its related technologies.
- Proactively develops and maintains strong knowledge of MFS information systems and their related components, and makes recommendations to improve the reliability, scalability, performance, or security of these systems as appropriate.
- This includes proactive performance tuning and capacity analysis to ensure MFS is maximizing its technology investment.
- Leverages technology to automate manual tasks, and seeks to improve efficiency wherever practicable and appropriate.
- Provides technical support to ensure the ongoing efficient and reliable operations of related MFS information systems.
- Provides the technical service function for security operations. Responsible for addressing technical level security service requests received by clients. Receives documents, solves, and communicates service resolution according to management's directives and applicable policies, procedures, and standards.
- Performs work within security service levels and strives to improve service levels and maintain excellent client relationships.
- Assists management in determining Information Security strategy and direction for the company and for selected technologies.
- Advises IT management on information security issues, systems, processes, products, and services; defines requirements in support of budget plans and makes recommendations for ways to improve performance and reduce costs.
- Develops, enforces and maintains MFS Information Security controls, procedures, and standards.
- Responsible for understanding the internal and external technological tools/software used by the Information Security group to maintain compliance, assess threats and vulnerabilities, support remote and Internet access, and manage encryption.
- Takes a leadership role in the management of these technological tools by understanding their purpose, application, and overall maintenance and administration.
- Leads security risk assessments to methodically analyze MFS information technology assets and processes, identifying risks from both a technical and business perspective, and recommending mitigation strategies to mitigate those risks to an acceptable level.
- Works closely with Information Technology and business units to ensure that security controls are properly implemented across the environment, both during design and after deployment.
- Prepares detailed and well-written documentation. Conducts security investigations according to documented procedures and management's directives.
- Maintains confidentiality in these matters and works to ensure the confidentiality of other information which is encountered during the discharge of security responsibilities.
- Receives broad goals and overall objectives from Management and proactively establishes and implements the methods to attain them.
- Maintain the security of a company's technology environment by planning comprehensive (complex) control design to mitigate threats while balanced with company's risk appetite and provide assurance it works
- Create solutions that balance business requirements with information and cyber security requirements
- Assess, establish and monitor countermeasures that protect, detect and/or deter when an unauthorized attempt occurs
- Serves as mentor to other technical team members, and presents technology briefings to IT and business line management as required. Researches and implements industry best practices.
- Advanced understanding of security protocols, cryptography, and security
- Bachelor's degree or equivalent experience in a related technical field. Master's degree or equivalent preferred.
- Ten or more (10+) years of related Information Technology with a minimum of six (6+) years of Information Security-specific experience. CISSP preferred.
- Additional possible certifications: CISM, CISA, ISSAP, ISSEP
- Considered subject matter expert in the area.
- Strong knowledge of multiple technologies, platforms, and programming languages.
- Solid understanding of Systems Development Life Cycle models.
- Exceptional communication skills with diverse audiences, including facilitation, negotiation and presentation skills
- Strong critical thinking, analytical skills and attention to detail Strong leadership, project and team-building skills, including the ability to lead teams and drive projects and initiatives in multiple departments, and provide technical guidance to a security team
- Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects
- Intimate knowledge of current and trends with security solutions to be able to integrate with controls and safeguards
- Familiar with emerging technology and the effect on designing security controls, such as Blockchain, Artificial Intelligence, Machine Language, Robotics, Mobile, Cloud (public, private and hybrid for Infrastructure as a Service (IAAS, Amazon Web Services (AWS) or Microsoft Azure), Platform as a Service (PAAS), Software as a Service (SAAS)
- Familiar with emerging technology and the effect on designing security controls, such as Containerization, Artificial Intelligence, Office 365, Robotics, Mobile, Cloud (public, private and hybrid for Infrastructure as a Service (IAAS, Amazon Web Services (AWS) or Microsoft Azure), Platform as a Service (PAAS), Software as a Service (SAAS)
- Understanding of network protocols and ability to develop requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related network devices Understand programming language and technologies to write code, complete programming and performs testing and debugging of applications Java/J2EE, C#, API/web services, scripting languages and a relational database management system (RDBMS) such as MS SQL Server or Oracle.
- Strong understanding of Cloud and Application Security Best Practices, Azure and O365 experience preferred. Intimate knowledge of current and trends with security solutions to be able to integrate with controls and safeguards Strong knowledge of security frameworks including NIST, ISO 27001, CIS, CSA, MITRE ATT&K etc.
#LI-HYBRID What we offer:
- Generous time-off provided: including "Responsible time off" for many roles, paid company holidays when the US Stock Exchange is closed, plus paid volunteer time
- Family Focus: Up to 20 weeks of paid leave for new parents, back-up care program, dependent care flexible spending account, adoption assistance, generous caregiver leave
- Health and Welfare: Competitive medical, vision and dental plans, plus tax-free health savings accounts with company contributions
- Wellness Programs: Robust wellness webinars, employee assistance program, gym reimbursement through our medical plans, fitness center discounts and more
- Life & Disability Benefits: Company-paid basic life insurance and short-term disability
- Financial Benefits: 401(k) savings plan, Defined Contribution plan- 15% of base salary invested into the Plan, competitive total compensation programs
During the Covid pandemic, MFS Employees are currently working from home. When safe to do so and in accordance to local government guidelines, MFS will be a hybrid work environment (remote/onsite) unless otherwise stated in the job posting.
This position will require individuals to be fully vaccinated against COVID-19 as part of their job responsibilities, unless MFS approves an exemption as an accommodation due to a medical condition or sincerely held religious belief. Submission of an exemption request does not guarantee that an exemption will be approved or that the request can be accommodated.
If any applicant is unable to complete an application or respond to a job opening because of a disability, please contact MFS at 617-954-5000 or email for assistance.
MFS is an Affirmative Action and Equal Opportunity Employer and it is our policy to not discriminate against any employee or applicant for employment because of race, color, religion, sex, national origin, age, marital status, sexual orientation, gender identity, genetic information, disability, veteran status, or any other status protected by federal, state or local laws. Employees and applicants of MFS will not be subject to harassment on the basis of their status. Additionally, retaliation, including intimidation, threats, or coercion, because an employee or applicant has objected to discrimination, engaged or may engage in filing a complaint, assisted in a review, investigation, or hearing or have otherwise sought to obtain their legal rights under any Federal, State, or local EEO law is prohibited. Please see the EEO is the Law document and Pay Transparency Nondiscrimination Provision, linked for your reference.
MFS is an Affirmative Action and Equal Opportunity Employer and it is our policy to not discriminate against any employee or applicant for employment because of race, color, religion, sex, national origin, age, marital status, sexual orientation, gender identity, genetic information, disability, veteran status, or any other status protected by federal, state or local laws. Employees and applicants of MFS will not be subject to harassment on the basis of their status. Additionally, retaliation, including intimidation, threats, or coercion, because an employee or applicant has objected to discrimination, engaged or may engage in filing a complaint, assisted in a review, investigation, or hearing or have otherwise sought to obtain their legal rights under any Federal, State, or local EEO law is prohibited. Click here to view the EEO is the Law poster and supplement.