Security Architect

Date: Jul 28, 2022

Location: Crystal Lake, IL, US, 60014 Jundiai, São Paulo, BR, 13213-173 Cary, IL, US, 60013 Milton Keynes, ENG, GB, MK15 0DF Verneuil d'Avre et d'Iton, 27, FR, 27130 Vladimir, RU, 600033 Berazategui, B, AR, B1893GOA Manoppello Scalo, PE, IT, 65024 Ceske Budejovice, Jihocesky, CZ, 37001 Newport, Wales, GB, NP44 3XU Cali, VAC, CO, 763537 Camacari, BA, BR, 42849-000 Guangzhou, GD, CN, 510700 Elgin, IL, US, 60124 Shanghai, CN, 200041 Navi Mumbai, MH, IN, 400701 Auburn, AL, US, 36832 Radolfzell, BW, DE, 78315 Crystal Lake, IL, US, 60014 Annecy, 74, FR, 74005 Charleval, 27, FR, 27380 Guangzhou, GD, CN, 510700 Atlanta, GA, US, 30336 Eigeltingen, BW, DE, 78253 Villingen-Schwenningen, BW, DE, 78052 Niederbronn-les-Bains, 67, FR, 67110 US Ballinasloe, Ireland, IE Sant Cugat del Vallès, B, ES, 08173 Madrid, ES, 28045 Maringa, PR, BR, 87065-090 Villingen-Schwenningen, BW, DE, 78052 Le Neubourg, 27, FR, 27110 Auburn, AL, US, 36832 Louveciennes, 78, FR, 78431 Cambridge, MA, US, 02140 Poincy, 77, FR, 77470 Baltimore, MD, US, 21227 Granville, 50, FR, 50407 Suresnes, FR, 92150 Martignat, 01, FR, 01100 Dortmund, NW, DE, 44319 Freyung, BY, DE, 94078 Hyderabad, TG, IN, 501401 Weihai, SD, CN, 264204 Menden, NW, DE, 58706 Brecey, 50, FR, 50370 Paramus, NJ, US, 07652 Val de Reuil, 27, FR, 27100 Tortuguitas, B, AR, 1667 Ningbo, ZJ, CN, 315000 Milano, Milan, IT, 20090 Amsterdam, NY, US, 12010 Mukwonago, WI, US, 53149 El Segundo, CA, US, 90245 Cikarang - Bekasi, West Java, ID, 17530 Singapore, SG, 188778 Congers, NY, US, 10920 Sant Cugat del Vallès, B, ES, 08173 McHenry, IL, US, 60050 Mezzovico, TI, CH, 6805 Leeds, ENG, GB, LS27 0LL Suzhou, JS, CN, 215123 Cary, IL, US, 60013 Ckyne, Jihocesky, CZ, 38481 Louveciennes, 78, FR, 78430 Cali, Bogotá D.C., CO, 760045 Midland, MI, US, 48642 Cajamar, São Paulo, BR, 07750-020 Shibuya, Tokyo, JP, 150-0002 Le Vaudreuil, 27, FR, 27100 Eatontown, NJ, US, 07724 El Marques Queretaro, Querétaro, MX, 76246 Suzhou, JS, CN, 215123 Congers, NY, US, 10920 Chonburi, Chonburi , TH, 20000 Radolfzell, BW, DE, 78315 Louveciennes, 78, FR, 78430 Trumbull, CT, US, 06611 Freyung, BY, DE, 94078 Suzhou, JS, CN, 215123 Lincolnton, NC, US, 28092 Niederbronn-les-Bains, 67, FR, 67110 Oyonnax, 01, FR, 01100 Gibsonia, PA, US, 15044 Daqing, HL, CN, 166200 San Giovanni Teatino, CH, IT, 66020 Alcalà de Henares, M, ES, 28806 Libertyville, IL, US, 60048 Louveciennes, 78, FR, 78431 Dubai, Dubai, AE Newport, Wales, GB, NP10 8FY Milton Keynes, ENG, GB, MK15 0DF Dallas, TX, US, 75235 Annecy, 74, FR, 74650 Suzhou, JS, CN, 215123 Annecy, 74, FR, 74650 Villepinte, 93, FR, 95944 Torello, B, ES, 08570 Dallas, TX, US, 75235 Orlando, FL, US, 32801 Groissiat, 01, FR, 01100 Martignat, 01, FR, 01100

Company: Aptar Group

Position:                                 Security Architect

Full Time Equivalent:          100%

Department:                         Aptar Information Systems

Location:                                Any Aptar Location

Travel:                                     10-15%

Reports To:                            Senior Architect, Cybersecurity & Risk Management              




The  Security Architect plays an integral role in defining and assessing the organization's security strategy, architecture, and practices. The Senior Security Architect will be responsible for delivering enterprise-class security solutions for Aptar through strong architecture and implementation experience across cybersecurity framework functions (Identify, Protect, Detect, and Respond) in support of Aptar’s on premise, cloud platforms and hybrid cloud environments.


Position Summary

The Senior Security Architect will be responsible for the following activities and functions:


Planning and Design Activities

  • Develops and maintains a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers
  • Develops security strategy plans and roadmaps based on security and enterprise architecture best practices
  • Develops and maintains security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations
  • Primary security architect role for the following domains:
    • Network Security (protect the most critical assets while migrating traditional network security functions to cloud-based delivery)
    • Cloud/IaaS Security (protect cloud-native application workloads, and ensure the correct and compliant configuration of cloud infrastructure)
    • Vulnerability Management (develop capabilities to manage exposures to systems and assets across the environments that the business and IT operate)
    • Security Operations (create optimized processes and functions, along with related governance structures and activities). The role also includes incident response planning and execution and oversees security incident response program development.
  • Drafts security procedures and standards to be reviewed and approved by executive management and/or formally authorized by the Head of Cybersecurity
  • Develops incident response plans and establishes a taxonomy of indicators of compromise (IOCs) and shares this detail with other security colleagues, including the security operations center (SOC), information security managers and analysts, as well as counterparts within the Aptar IS organization.


  • Tracks developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts
  • Validates IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
  • Validates security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems
  • Conducts or facilitates threat modeling of services and applications that tie to the risk and data associated with the service or application to apply appropriate controls in their security domains.
  • Ensures a complete, accurate and valid inventory of all systems, infrastructure and applications that should be logged by the security information and event management (SIEM) or log management tool
  • Reviews network segmentation to ensure least privilege for network access
  • Supports the testing and validation of internal security controls, as directed by the Head of Cybersecurity or the internal audit team
  • Reviews their primary domain security technologies, tools and services, and makes recommendations to the broader security team for their use, based on security, financial and operational metrics


  • Coordinates with operational and facility management teams to assess the security of operational technology (OT) and Internet of Things (IoT) systems.
  • Liaises with other security architects and security practitioners to share best practices and insights
  • Consults with other subject matter experts and functional groups within the Aptar IS organization on security related topics and needs.



A successful Security Architect candidate will have the expertise and skills described below.


Minimum requirement of a bachelor's degree or technical equivalent degree.


Business-Related Skills

The security architect is expected to contribute his or her insights to colleagues in the security team and the Head of Cybersecurity, as well as colleagues within internal audit, risk management and other line-of-business teams. To ensure that security-related matters are adequately conveyed, the following skills are required:

  • Strategic planning skills — The security architect must interpret business, technology and threat drivers, and develop practical security roadmaps to deal with these drivers.
  • Communication skills — The security architect will be required to translate complex security-related matters into business terms that are readily understood by colleagues. The security architect should anticipate presenting analyses in person and in written formats.
  • Financial analysis — As part of the due diligence of security technologies, the security architect will be expected to evaluate the financial costs of recommended technologies. Specifically, the security architect will need to quantify purchasing and licensing options, estimate labor costs for a given service or technology, and estimate the total cost of operation (TCO), the ROI, or the payback period for services or technologies replacing existing capabilities.
  • Project management — Security services and technology implementations will require solid project management skills. The security architect will be expected to draft project plans for security service and technology deployments and coordinate with stakeholders across the organization.


Knowledge and Skills

Security architects will be expected to demonstrate the following key behaviors and competencies as they fulfill the core responsibilities of their roles:

  • Adaptability — Demonstrates flexibility within a variety of changing situations, while working with individuals and groups. Changes his or her own ideas or perceptions in response to changing circumstances. Alters standard procedures, when necessary and multitasks when required.
  • Business Acumen — Demonstrates an awareness of internal and external dynamics, and an acute perception of the dimensions of business issues. Conducts research and identifies, collects and analyzes information about markets, economies, technology trends and business operation issues to make informed decisions. Develops approaches and solutions that are clearly linked to the organizational strategies and goals for optimal performance.
  • Conceptual Thinking — Synthesizes facts, theories, trends, inferences and key issues and/or themes in complex and variable situations. Recognizes abstract patterns and relationships among apparently unrelated entities and situations. Applies appropriate concepts and theories in the development of principles, practices, techniques, tools and solutions.
  • Openness to Learning — Takes personal responsibility for personal growth. Acquires strategies for gaining new knowledge, behaviors and skills. Builds on and applies existing knowledge. Engages in learning from others, inside and outside the organization. Tries new approaches and broadens the scope of work to learn from work assignments.



The security architect will evidence his/her knowledge of security and risk management through ongoing continuing professional education. The ideal candidate will maintain one or more of the following certifications, though they are not required:


  • Check Point Certified Security Administrator (CCSA)
  • Palo Alto Networks Certified Network Security Engineer (PCNSE)
  • Cisco Certified Network Administrator (CCNA)
  • SANS GIAC Security Essentials
  • CompTIA Security+
  • IaaS Cloud Security



Nearest Major Market: Chicago