Job Purpose
The Cybersecurity Architecture team is responsible for establishing security design standards, conducting architecture reviews, and providing strategic guidance to protect ICE's critical financial infrastructure. This team defines security requirements across network, data, system, and cloud environments, ensuring controls are appropriately designed before implementation by engineering teams. The Cybersecurity Architecture Engineer supports security design initiatives, conducts architecture reviews, and contributes to threat modeling and security control assessments across the enterprise.
Responsibilities
Threat Modeling - Support threat modeling exercises to identify security risks and recommend mitigating controlsNetwork Security Review - Review and assess network security designs including segmentation, firewall rule requests, and connectivity requirementsData Security Assessment - Evaluate data security requirements and recommend appropriate encryption, classification, and protection controlsCloud Security Review - Participate in cloud architecture design reviews to identify security considerations; Support evaluations of IAM configurations, network controls, and security service implementations. Control Assessment - Assist in security control assessments and gap analysis, document control effectiveness and recommend improvementsDocumentation - Maintain security architecture documentation, identify trends, design specifications, and reference architecturesCross-Functional Support - Collaborate with other Security, Infrastructure, Operations, Engineering and Development teams on security requirements and design guidance
Knowledge and Experience
Degree in engineering discipline or equivalent experience3+ years of relevant Information Security experienceTop-tier analytics and problem solvingAbility to work in a service-oriented team environmentProject Management, organization, and time managementFamiliarity with data security concepts including encryption and data protectionEffective written and verbal communication skillsAbility to automate tasks using scripting and basic automation
Specific Technologies
Network security fundamentals (firewalls, IDS/IPS, network segmentation, VPNs). Cloud platforms including core security services and IAM concepts. Identity and access management principles. Data security (encryption concepts, DLP fundamentals, HSMs, key management). System hardening (CIS Benchmarks, security baselines). DNS and application-level content-filtering. Web application firewalls and Content Delivery Networks (CDNs). Security documentation and diagramming tools.
#LI-SH2
Intercontinental Exchange, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to legally protected characteristics.