LearnVest is redefining the American approach to personal finance. Our planners leverage financial technology to create simple, affordable, realistic plans for anyone who wants to feel confident about their money and optimistic about the future.

Since launching in 2010, LearnVest has been one of the premier financial technology companies in the country, helping thousands of people make progress on their financial goals. LearnVest was acquired by Northwestern Mutual in 2015 and is now scaling its technology and personal finance approach to help millions of people across both the LearnVest and Northwestern Mutual brands.

• Design and Implement Enterprise Information Security Architecture function by working closely with CISO
• Create and manage a team of qualified enterprise information security architects
• With CISO, establish and maintain enterprise wide information security strategies and capabilities adhering to business needs, industry standards and regulatory requirements across all Cloud Native, Cloud Hosted, and legacy infrastructure, information, and applications
• With CISO, periodically assess and report the maturity of these capabilities
• Integrate information protection roadmaps into enterprise wide portfolio and prioritization processes
• Ensure compliance with Information Security architecture standards and requirements. Assess options, risks, costs vs. benefits, and impact on other capabilities, processes and priorities.
• Partner with key stakeholder(s) to review enterprise-wide architecture and solutions, identify risks, and provide remediation recommendations in line with standards and security strategy.
• Working with key stakeholders enable DevSecOps vision organization wide.

• Bachelor's degree in computer science is highly preferred
• A minimum of 10 years’ experience in Information Security and Risk management within medium to large-scale global enterprise insurance or financial organizations
• Experience creating: Data Protection, Information security guidelines and strategy in a highly integrated cloud environments (SaaS, PaaS, IaaS)
• Subject Matter expertise in: IT and Cyber Security, Risk Assessment & Monitoring, Threat remediation, identity & access management, encryption, end point security, etc. Experience building security reference architecture for all in-cloud deployments and hybrid scenarios
• Knowledge of NIST cyber-security and risk management frameworks to include related standards & guidance
• Working knowledge of operational security implementation and management
• Understanding of cyber incident response approaches and computer forensics and operational security implementation and management is essential.
• Experience creating security and architectural strategy spanning enterprise organizations including web-scale environments, applications and systems such as: ecommerce, online marketing, online advertising, digital media, content management systems, content publishing systems, etc.
• Excellent written and presentation capability – important to be able to visualize difficult concepts via PowerPoint, white-boarding, and/or mind mapping.