Equal Opportunities At Crawford & Company we are committed to creating an inclusive work environment. We don't just talk about diversity and inclusion; we aim to infuse it into everything we do - underpinning our strategy with three core elements: Consciousness Capability Culture We welcome applications from all candidates, no matter their background. So, what are you waiting for? Apply today, we're looking forward to your application. Position Summary The Director, Security Architecture is a leadership role to help support, secure, manage and deploy solutions that support business objectives. The role is highly technical, and candidates must possess a solid understanding of information security and systems administration across a wide variety of cloud infrastructure, including software as a service (SaaS), infrastructure as a service (IaaS) and platform as a service (PaaS). The role also requires an understanding of business goals/strategy and operational requirements in a fast-paced environment. The Director, Security Architecture should have a strong work ethic, perform analytical and critical thinking, and is masterful at meeting change requests on demand. The Director, Security Architecture will collaborate with multiple business units and possess superior listening and communication skills. Responsibilities Work to consistently learn and share advanced skills and practices that promote team excellence. Build relationships with development teams and key business stakeholders to incorporate security principles into development and deployments. Research, validate and deploy solutions meeting security and business needs. Formally develop security team standards, policies, procedures, and processes. Develop and maintain secure, resilient cloud processes in tandem with architects and system engineers. Secure business applications and computing environments across public, private or hybrid cloud infrastructures. Deploy strong identity and access management (IDAM) controls across applications and computing environments. Attend regular technical project and implementation meetings and serve as the security SME to help guide secure application and infrastructure configurations. Actively monitor, assess, and recommend tactical and strategic initiatives based on new and emerging threats posing risk to cloud computing environments. Manage remediation efforts after security assessment findings outline weaknesses requiring attention. Stay apprised of current and proposed security changes impacting regulatory, privacy and security industry best practice guidance. Act as a key figure in incident response to track occurrence and resolution, with strict documentation and reporting as well as engagement with security operations and incident response teams. Functional Knowledge Bachelor's degree in computer science (preferred), information assurance, MIS or related field, or equivalent. Experience in cloud networking architecture and cloud operations. IDAM experience, including OAuth and OpenID. Experience and understanding of various regulatory requirements and laws, including but not limited to: Payment Card Industry (PCI), Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR). Knowledge of National Institute of Standards (NIST) or International Standards Organization (ISO) requirements. Self-starter requiring minimal supervision. Excellence in communicating business risk and remediation requirements from assessments. Analytical and problem-solving mindset. Highly organized and efficient. Demonstrated strategic and tactical thinking, along with decision-making skills and business acumen. General Background, Experience & Professional Qualifications At least 7 years' experience in information security or application development. At least 2 years' experience with operations and security across Amazon Web Services (AWS), Microsoft Azure or Google Cloud Platform (GCP). Expected to hold one or more security certifications relevant to the position, such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Computer Security Incident Handler (CSIH), CISM (Certified Information Security Manager)