What are the responsibilities and job description for the Principal Cyber Security Architect position at Randstad Enterprise?
Job Summary
For our client in the Utilities industry, this position is responsible for formalizing the design & implementation of a robust information security architecture for Corporate IT, Operational Technology (OT), and Internet of Things (IoT) enabled systems. He/she will develop automated security and compliance capabilities in support of DevOps processes in an enterprise AWS cloud computing environment. He/she will be responsible for assisting the CISO in developing, managing, and implementing the IT and OT cybersecurity strategy and roadmap. The IT Security Risk and Compliance (ITSRC) org requires dedicated resources in the security architecture function to ensure secure delivery of cloud initiatives, DevSecOps, and the Energy Strong Program.
Job Responsibilities
- Lead and manage the development of Information Security Architecture, standards and design patterns.
- Leverage DevOps tools to build, harden, maintain and instrument a comprehensive cloud-based security orchestration platform to be consumed in product CI/CD pipelines.
- Participate in and review risk assessments to ensure compliance with Security Architecture objectives and standards.
- Design and implement cloud-native architectures that will allow business requirements to be met with a minimal degree of risk to the organization.
Job Specific Qualifications
Required Skills:
• Bachelor of Science in Computer Science, Information Systems, or related discipline.
• At least 10 years of experience in cybersecurity field.
• Minimum 3 years of experience in Security architecture function.
• Proficiency in at least one scripting language
• Strong leadership and influence skills
• Ability to present to all levels of management & executive leadership
• Excellent teamwork, facilitation, relationship building, and negotiation skills
• Able to maintain positive working relationships both leading and as part of a team
• Effective time management skills and able to multitask effectively
• Able to communicate effectively with both technical and non-technical individuals
• Defines strategy and architecture for security solutions that protect company infrastructure and data, while incorporating applicable compliance standards.
• Reviews new, and changes to existing, applications and infrastructure for security risk. Provides expert advice using existing and new security technologies to reduce risk and support implementation of new products and features needed by business.
• Reviews/validates application configurations and code for security risks.
• Understands threats to data and how to use encryption, access control, DRM, DLP, and other technologies to reduce risk.
• Experienced in multiple platforms, including Windows, Unix, Network, Cloud, and End User/Mobile devices.
• Experience with Identity and Access Management.
• Reviews network architecture diagrams for various attack vectors and provides expert advice on mitigating threats via proper architecture design.
• Focuses on cloud-based solutions that work in an existing hybrid cloud/on-premises environment.
• Understands and is capable of working within a DevOps model, embracing a guardrail model of security to support rapid development in an Agile framework.
• NERC CIP position; requires NERC CIP background investigation prior to start.
Desired Skills:
• Experience with the implementation of NIST Cyber Security Framework (CSF), North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) and Nuclear Regulatory Commission (NRC) Nuclear Cyber (10 CFR 73.54)
• Information Technology/Operational Technologies experience in Energy Management System (EMS), Advanced Distribution Management System (ADMS), Grid Intelligence & Security (GIS), Outage Management System (OMS), and Supervisory Control and Data Acquisition (SCADA)
• Previous experience of IT/OT technologies and utility industry experience preferred, with an awareness of utility-specific security threats.
The client operates under a Flexible Work Model where flexible work is offered when job requirements allow. In support of this model, roles have been categorized into one of four work location categories: onsite roles, hybrid roles that are a blend of onsite and remote work, remote local roles that are primarily home-based but require some level of purpose-driven in-person interaction and living within a commutable distance, and remote non-local roles that can be effectively performed remotely with the ability to work in approved states.
Salary: $114,500 - $188,100