About Wealth Enhancement

Wealth Enhancement is an independent wealth management firm with an endless passion for enriching the lives of our clients. We continually seek to perfect our craft of personalized financial planning with our team-based Roundtable and UniFi processes that go far beyond the standard approach. We proudly provide unique financial plans and investment management services to over 80,000 households from our over 140 offices - and growing - nationwide.

Since 1997, Wealth Enhancement has tirelessly raised the standard of wealth management with specialized knowledge and more attentive service that helps every client craft their future. For more information, please visit www.wealthenhancement.com.

We have an exciting opportunity for a Security Architect. The Cyber Security Program works with the Wealth Enhancement business community to secure data, systems, network resources, and protect the confidentiality, integrity and availability of our customers and company assets to ensure they are secure and in compliance with regulatory controls. We are seeking a highly skilled Security Architect to lead the design, implementation, and governance of security solutions across our on-prem and cloud infrastructure.

In the spirit of pay transparency, we are excited to share the base salary range for this position is $160,000.00 to $180,000.00, exclusive of bonuses and benefits. This role is also eligible for our corporate bonus.

Primary Job Functions

To support this mission, the Cyber Security Program will,

• Develop processes, procedures, and policies required for the protection of confidential information Identify risks to the security of data and systems

• Mitigate these risks to levels acceptable to the business

• Define security requirements, establish baselines and measure compliance, based on applicable laws, regulations, and best practices

• Consult business users and departments to investigate security issues and evaluate products and processes

• Design and implement secure, scalable, and compliant cloud architectures

• Define guardrails for Identity and Access Management (IAM) security groups, encryption, logging and monitoring

• Architect solutions that enforce Zero Trust, least privilege, and defense-in-depth models across multi-account cloud environments

Security Operations

• Evaluate security tools and capabilities

• Evaluate the current security capabilities and make recommendations as needed

• Must be able to lead and support Cloud specific incident response (IR) efforts and investigations using native tools and logs to monitor, identify, detect, prioritize and investigate alerts

• Work collaboratively across technology support teams

Support Compliance and Governance

• Ensure alignment with frameworks like NIST CSF, ISO 27001, SOC 2, SEC and FNRA as applicable

• Develop and maintain documentation for security architecture, standards and procedures

• Conduct regular risk assessment, cloud security posture reviews, and internal/external audits

• Provide educational information for other team members on processes and steps to be followed

Orchestration, Automation and Response

• Integrate security controls and policies into CI/CD pipeline using IaaS tools (Terraform, CloudFormation)

• Automate detection alerting, and response to suspicious activity with Cloud-native tools (CloudTrail, GuardDuty, Security Hub, Inspector, Entra ID, Azure Security Center, PIM, Sentinel, Purview) and third-party SIEM platforms

• Collaborate with DevSecOps to improve vulnerability management and remediation processes

• Establish data security strategies for classification, encryption, and lifecycle management

• Methodology of connecting security tools and integrating disparate security systems and streamline security processes

• Connect tools and teams while also automating manual processes to speed, scale and strengthen security response posture

Advisory and Enablement

• Serve as a subject matter expert on-prem and cloud security architecture to both technical and business stakeholders

• Partner with infrastructure architects, engineers, product owners, and legal/compliance teams to assess the security impact of new initiatives

• Deliver enablement on cloud security best practices and threat trends across teams

• Detect malicious activity within and across the cyber kill chain

• Detect anomalous activity with advanced statistical analysis and machine learning capabilities

• Communicate with executives and business leaders, translating technical risk into business impact

Cloud Services

• Experience managing cloud security services in AWS, Azure, GC

• Knowledge and understanding of Cloud Security services

• Understand Keys and Key Management and Security Groups

• Understanding of Identity and Access Management principles

Education/Qualifications

• Bachelor's Degree in Computer Science, Information Management or equivalent work experience

• Minimum of 7 years of work-related experience in Cyber Security, Security Engineering, Threat Intelligence and or Security Monitoring with at least 3 + years in cloud security architecture

• Certifications preferred but not required: GIAC Security Architecture, CCSP, CISSP, AWS Certified Security Specialty, Azure Security Engineer Associate, or equivalent work experience

• Good verbal and written communication skills.

• Proficient with Microsoft Office Suite or related software.

• Deep expertise in:

  • AWS IAM, KMS, VPC, WAF, Config, CloudTrail, and Organizations

  • Cloud-native and third-party security tools (Windows Defender, Wiz, Akamai, F5)

  • Security automation and IaaS (Terraform, AWS CDK, or CloudFormation)

  • Container and serverless security (EKS, ECS, Lambda)

• Familiarity with the concept of Least Privileged

• Familiar with regularity controls such as SEC, GDPR, FNRA

• Familiar with Security Control Frameworks such as NIST and ISO

WEG hires employees and makes decisions about their salary qualifications based on factors such as: the role to be performed; educational and professional experience, qualifications, skills and credentials; tenure, cost-of-living and demand for the role in the applicable market. To comply with state pay transparency laws, we must disclose the entire salary grade. The entire salary grade for those who are classified as a director level is $132,000.00 to $198,000.00. However, the base salary range bolded above is what we expect to pay as a starting range for this position.

Comprehensive Benefits Offerings

Our benefits aim to balance four key elements that make life and work meaningful: health and wellness, financial well-being, professional development, and work/life harmony. You may participate in the following benefits & development opportunities:

• Training and professional development

• Medical, dental and vision coverage (Available to employees and their families)

• Health Savings Account (HSA) with employer contribution and Flexible Spending Accounts (FSA) for medical, dependent, and transit expenses

• Life and AD&D insurance – employer paid and voluntary options

• Short-term and long-term disability, workers compensation – employer paid

• 401k with match and profit sharing

• Wellness programs and resources

• Voluntary benefits, including pet insurance

• 18 days of paid time off (PTO), accrued annually (25 PTO days after 4 years of service)

• 12 paid holidays each year (10 pre-determined and 2 floating days)

• Paid parental leave and paid caregiver leave (Caregiver leave available after 6 months of tenure)

• Reimbursement for tuition, licensing, and other credentials (Available after meeting service requirements)

Should you need reasonable accommodation when completing the application form or during the selection process, contact the Human Resources Department at 763-417-1700

Information provided on this application will be kept confidential and only be shared with those involved in the selection process.

Equal Opportunity Employer, including disabled and veterans. This organization participates in E-Verify.

Click the following link to view Federal and E-Verify posters: Link

OSHA Requirements: This position requires the ability to stand or sit for long periods of time, file documents in high or low cabinets, to use the telephone and to use the computer systems.