Senior Analyst, Security Architecture Engineer

at  The Este Lauder Companies

About Estée Lauder Companies
The Estée Lauder Companies is the global leader in prestige beauty — delighting consumers with transformative products and experiences, inspiring them to express their individual beauty. We are the only company focused solely on prestige makeup, skincare, fragrance, and hair care with a diverse portfolio of 25+ brands sold in approximately 150 countries and territories. Infused throughout our organization is a passion for creativity and imagination — a desire to push the boundaries and invent the unexpected — as we continue the bold work of our founder Estée Lauder.

WHO WE ARE

Do you want to be part of the team catalyzing digital innovation, harnessing the power of data, and transforming the fabric of security across the world’s most prestigious beauty, skincare, and luxury fragrance brands? Then join the information security and technology team, Enterprise Cybersecurity & Risk (ECR) at Estée Lauder Companies (ELC). ECR’s security team fuels cyber defense, technology excellence, risk and compliance, and global resilience. We stay at the forefront of cyber threats to deliver fit-for-purpose tools, technologies, and processes that protect ELC’s business operations and empower secure strategic growth. We shape and maintain a secure and scalable cybersecurity infrastructure. Effective collaboration with stakeholders to design architectural solutions, assess emerging technologies, and align security architecture with organizational goals is our core responsibility. If you thrive in change-rich entrepreneurial environments, then this is the team for you. From our fast-paced delivery plans to our global team expansion, this is an exciting time to join us!

WHAT YOU’LL DO

The position of Senior Analyst, Security Architecture is responsible for designing, implementing, and documenting security architecture within the organization’s environment. This includes supporting security assessments for both infrastructure and applications, establishing security standards, and implementing security controls using Agile methodologies. In this position, you will play a pivotal role in shaping Estee Lauder’s global digital security strategy. Your responsibilities will extend to providing security solutions across various domains, including Applications, Infrastructure, Platforms, and Cloud Services (IaaS/PaaS/SaaS).
To thrive in this role, a candidate must have a solid background in architecting and implementing security solutions within a large-scale enterprise environment.

YOU WILL BE RESPONSIBLE FOR:

• Develop, maintain, and document security architecture frameworks to support business objectives. This includes the establishment of key integration points among different organizational departments, facilitating a cohesive and unified approach to security.
• Work alongside the other security team members to evaluate and enhance security controls for cloud-based business applications. Identify and address security gaps through rigorous assessments.
• Develop standardized template plans for application migrations across various cloud deployment models, focusing on security implications and requirements.
• Evaluate, design, and implement cloud and on-prem technologies and processes. Aim to continuously mature the organization’s security controls in cloud/data center environments to support various business functions.
• Craft robust security architectures for diverse cloud and on-prem environments including public (Azure, AWS, GCP, Alibaba) and hybrid clouds, ensuring they meet organizational security standards.
• Ensure compliance with the Organization’s Application Security framework, updating and refining it as necessary.
• Collaborate with Engineering, Infrastructure Services, and Application Development teams to select and integrate appropriate technology solutions into application environments.
• Validate configuration efficacy to support the Cybersecurity Threat Management Center (CTMC) monitoring cloud-deployed systems for security threats.
• Participate in evaluating design principles and controls related to third-party solution providers, ensuring they meet our stringent security standards.
• Stay abreast of new and emerging security threats, frameworks, and regulations to maintain up-to-date knowledge and apply this to security practices.
• Lead efforts in deployment orchestration and automation, with a specific focus on maintaining and enhancing security measures.
  Qualifications