Lead Domain Security Architect (AI, Network, Devices, Data, Infra/Cloud)

Job Summary

Farmers Insurance is seeking a proactive and deeply experienced Lead Domain Security Architect to drive our "security by design" strategy. This is a senior, platform-focused individual contributor role responsible for building, maturing, and governing the enterprise security architecture practice across all key technology platforms, including AI, network, data, devices, and cloud/infrastructure. You will serve as a senior strategic advisor, ensuring our technology landscape is fundamentally secure and resilient, with a special focus on securing our AI-driven customer interaction platforms. The ideal candidate is a master of multiple security domains who can reduce enterprise risk by developing long-term strategy, roadmaps, and conceptual architectures that enable the business to confidently pursue innovative technologies.

(Farmers position title:  Lead Domain Architect)

Enterprise Security Architecture & Practice Maturity

• Lead the development and maturation of the enterprise security architecture practice, establishing repeatable processes, mentoring other architects, and elevating the team's overall capabilities.
• Develop, maintain, and govern the enterprise security architecture roadmap, ensuring alignment with business strategies and the evolving threat landscape.
• Define the strategy and framework for performing threat modeling and security architecture reviews, ensuring risks are identified and addressed at a strategic level.
• Create and champion reusable security patterns, standards, and conceptual reference architectures to ensure consistency and scalability across the enterprise.
• Serve as a primary subject matter expert and advisor on security architecture, providing strategic guidance on complex security challenges across all technology domains.

Strategic Project & Program Alignment

• Provide strategic architectural guidance for critical enterprise transformations, including large-scale cloud migrations, data center exits, legacy system modernization, and the implementation of new enterprise-wide platforms.
• Define and embed security architecture principles and standards within the System Development Lifecycle (SDLC) framework.
• Develop high-level, conceptual architectures for major initiatives, ensuring solutions for identity governance, privileged access, data lifecycle management, and disaster recovery are aligned with the enterprise security strategy.

Domain-Specific Strategic Focus

• AI Security: Develop the strategic security framework for AI/ML platforms, with a specific focus on securing conversational AI, IVR, and Contact Center platforms. Architect solutions that protect sensitive customer data, ensure model integrity, and address ethical considerations in AI-driven interactions.
• Network Security: Define the long-term strategy and conceptual architecture for network security, championing Zero Trust principles across on-premise, cloud, and remote access environments.
• Device Security: Develop the enterprise architecture and strategic roadmap for securing endpoint, mobile, and IoT/OT devices, including strategies for security posture validation and compliance.
• Data Security: Define the enterprise data security architecture, including strategic guidance for encryption, data loss prevention (DLP), classification, data lifecycle management, and the architectural implementation of privacy regulations.
• Cloud/Infrastructure Security: Develop and maintain the cloud security reference architecture and strategic roadmap for securing multi-cloud environments (AWS, Azure, GCP).
• Vulnerability Management Strategy: Architect the framework and strategy for the enterprise vulnerability management program. Define how vulnerability intelligence is integrated into security designs and provide architectural oversight for platforms used to identify, prioritize, and manage security weaknesses across all technology assets.

Governance, Risk & Compliance (GRC)

• Partner with Security, Audit, and Risk teams to translate regulatory requirements (e.g., CPRA, PCI-DSS, GDPR) into technical security strategies and architectural patterns.
• Establish and govern architectural standards and best practices to ensure compliance and reduce enterprise risk with a focus on securing customer data and PII.
• Drive and participate in security architecture governance processes, including design reviews and exception handling.

What You'll Bring

• Six (6) years relevant experience in Domain Architecture required preferably in the delivery of single domain architecture solutions.
• Minimum of 6 years of experience in cybersecurity, with at least 5 years in a senior or enterprise security architect role within a large enterprise environment (insurance company experience), preferred.
• Experience in the insurance industry or other highly regulated financial services environments, preferred. 
• Strategic experience in defining security architecture for AI/ML systems and understanding of AI-specific threats, preferred. 
• Familiarity with DevSecOps principles and the role of security architecture in CI/CD pipelines, preferred. 

Education You'll Need

Technical Skills

• Security Frameworks: Expert knowledge of industry-standard frameworks such as NIST Cybersecurity Framework (CSF), ISO 27001, CIS Controls, and MITRE ATT&CK.
• Vulnerability Management: Strategic understanding of the vulnerability management lifecycle, threat intelligence correlation, and the architecture of exposure management platforms (e.g., Tenable, Qualys, Rapid7).
• AI & Contact Center Security: Strong architectural knowledge of securing CCaaS platforms, conversational AI/IVR systems, and protecting sensitive data (PII/PCI) within customer interaction channels.
• Cloud Security: Expert knowledge of cloud security architectural patterns, including IAM, network security controls (Security Groups, WAFs), CASB, CWPP, and CSPM.
• Data Security: Strong knowledge of data encryption strategies, tokenization, data loss prevention (DLP) concepts, and database security principles.
• Network Security: Expert-level understanding of network security principles, including Zero Trust architecture, firewalls, IDS/IPS, micro-segmentation, and secure remote access strategies.
• Identity & Access Management (IAM): Expert-level knowledge of IAM strategies and architectural models, including single sign-on (SSO), multi-factor authentication (MFA), Identity Governance & Administration (IGA), and Privileged Access Management (PAM).
• Application Security: Solid understanding of secure SDLC principles and the strategic importance of SAST, DAST, and software composition analysis (SCA).

Additional Skills

• Strategic mindset with the ability to see the bigger picture and anticipate future threats.
• Exceptional written and verbal communication skills, capable of influencing both technical and executive audiences.
• Ability to influence and collaborate with technical and non-technical stakeholders across all levels of the organization.
• Excellent analytical, problem-solving, and negotiation skills.

Physical Actions

Physical Environment