We are seeking a Corporate Cyber Security Architect to champion information security for S&C’s cyber security vision for corporate enterprise IT, products and operational technology environments. The skillset requires a technical understanding of cyber security best practices, implementation with the ability to clearly communicate direction to other cyber architects and corporate leaders. Prior experience with information security management is essential for this position. The successful candidate will join a high-performance and cross-functional team, working under minimal supervision across 19 offices in 6 different countries.
Responsibilities of this position include, but are not limited to, the following:
- Champion cyber security best practices and set the technical vision and implementation of S&C’s corporate-wide information security program.
- Participate in ongoing activities and strategic planning efforts intend to address emerging security threats and to further enhance S&C’s cyber posture
- Develop policies and procedures that will expand the corporate information security program throughout a multi-year roadmap
- Building consensus and establishing collaboration with team members from every department in S&C.
- Development of cyber security risk assessments
- Leading preparation for and execution of a corporate incident response team for a detected incident
- Assist in developing cyber security educational material
- Outstanding analytical skills and the initiative to remain current with new changes in the cyber security technical field.
- Participate in evaluating proposed projects, software vendors, and S&C business practices for potential cyber concerns, and assist in the development of policy and procedure to address the concerns
- Understand and apply supply chain risk management best practices and NERC CIP regulation constraints to the S&C corporate information security program
To select this job as one of interest to you, at a minimum, you must have the following:
- Bachelor’s degree in computer science or other IT-related technical degree. Relevant certifications are a plus.
- Excellent communication skills and ability to relay technical information at all levels of S&C leadership
- A deep understanding of the following:
- NIST – Cybersecurity Framework (NIST-CSF)
- NIST – 800-53 Security Controls
- Prior experience with leading an information security program.
- Experience with monitoring, collecting and analyzing device, system and application logs for attempted and/or achieved unauthorized access into our environment
- Familiarity with Microsoft Windows client/server and Office 365, Cisco enterprise networking, and other modern workplace technology platforms
Relevant Work Experience:
- 15 years of experience in IT or as a cyber security or systems architect in a large corporate environment.
- Current CISSP certification is highly desirable
- NIST – 800-171 Protecting Controlled Unclassified Information