The Enterprise Security Architect, ESA, is responsible for establishing enterprise-wide security standards, identifying security threats, designing, recommending and leading the implementation of strategic controls enhancements in support of Aramark’s security program. Additionally, the ESA is responsible for collaborating with IT and business stakeholders to assess the security posture of existing and new systems, identify design gaps that may introduce security threats, and recommend the application of security controls to not only ensure compliance with internal security and regulatory standards, but also secure data and systems at a level that is commensurate with their value. The ESA is expected to be the primary liaison from the security organization who works directly with the business to address their security needs.
Core Job Duties/Responsibilities.
- Leadership – A senior member of the CISO’s leadership team who is integral in helping foster a culture of security awareness across the enterprise. In a security leadership capacity, works across diverse audiences to translate security and regulatory requirements into business value by clearly articulating current and emerging security threats as they relate to enterprise risk. Exhibits thought leadership and demonstrates an ability to successfully deliver complex security projects as well as integrate security requirements into the design and implementation of IT and business projects. Assesses new controls for alignment with the security program as well as organizational needs based upon financial, business, and security requirements.
- Client Relationship – Strong communication skills, written and oral, to articulate complex challenges and security requirements to audiences of various technical backgrounds. Ability to influence stakeholders through direct collaboration in order to achieve security objectives for the organization and communicate security requirements as core components to be included in the design of IT systems, process development, and IT operations. Possesses strong interpersonal skills and is able to establish effective working relationships with peers and other key stakeholders to enable the successful completion of projects on time and within budget.
- Financial Performance – Possess an understanding of security and project budget requirements, understand operational support requirements, drive the development of scalable processes and solutions that align with organizational resource and budget capabilities, as well as be able to communicate budgetary and scheduling requirements to all stakeholders. Understand and support resource management, budgetary forecasting, as well as monitoring and tracking of spend within the security organization. Able to provide advice and guidance in relation to prioritized risk mitigation efforts and risk management as it influences current and projected spend. Support decision-making on financial spend in relation to supplier offerings and/or delivered solutions.
- Compliance – Must demonstrate an understanding of Aramark’s security compliance and regulatory needs and what is required to achieve compliance. Develops and enforces security requirements and standards to maintain compliance with internal and external requirements. Interacts with internal and external auditors to assess compliance, represents the security organization during internal and external audits, and is responsible for compiling requisite documentation as well as management responses. Must be able to identify, assess, document, and manage all security risks that are associated with meeting compliance across all areas of Aramark. Is able to provide appropriate levels of metrics and reporting for Aramark to demonstrate security program effectiveness and opportunities for improvement.
- Productivity – To support delivery of services and product timelines, is able to establish direct lines of contact with major Service Providers for information security engineering and operations to support and maintain a business-to-security alignment. Understand Aramark’s business objectives and strategies, design solutions that balance security with business requirements and raise awareness of security requirements. Demonstrates an understanding of IT best practices, a knowledge of desktop, server, IT core services, cloud, and application environments/technology.
Additional Position Duties/Responsibilities
- Consulting and engineering in the development and design of security best practices and implementation of effective, scalable security controls across the organization.
- Responsible for supporting the development of the information security architectural standards. Is able to conduct security vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues.
- Lead engagements with Technology Service Providers for solution design
- Responsible for documenting security solution patterns or templates which are based on current architectural principles compatible with Aramark’s current and future service delivery models and business strategies.
- Serve as security subject matter expert and internal consultant responsible for representing the security organization and supporting IT and business projects.
- Ability to support integration between IT architectures (infrastructure and application) and information security policy and standards. Work closely with IT and Digital Service Delivery Architect(s) to ensure secure solutions are created that meet the needs of the business.
- Experience in recommending data architecture improvements based on information usage and security requirements. This must include ability to oversee activities that ensure all data standards are adhered to.
- Evaluate network and security technologies, develop requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices.
- Evaluate server, workstation and other end user computing platforms, including collaboration technologies to assess security posture and recommend improvements based upon best practices. Establish documented standards and processes to maintain compliance with security requirements
- Provide leadership for the understanding of security protocols, cryptography, authentication, authorization and security.
- Knowledgeable in security requirements associated with cloud computing and experience with developing and implementing cloud security controls
- Responsible for analyzing, documenting and managing all security exceptions to policy.
- Must have excellent communication, influencing and interpersonal skills combined with highly effective technical presentation skills for stakeholder management and engagement.
- Performs an active role in identifying the need for and evaluating emerging technologies.
- 10 years of progressive experience in network architecture with a minimum of 5 years concentration in cyber security and security architecture
- Experience with complex, technical design requirements and implementation of security controls for a global organization
- Experience with designing, implementing, and operating security solutions associated with endpoint, network, data, and cloud security
- Experience in developing security policies, procedures, and standards; promoting awareness of security requirements to all levels of an organization
- Presentation to executive leadership articulating security requirements, the need for investment, and working with business leaders to ensure systems are implemented in a secure fashion
- Fulfill an internal consulting role where viewed as a subject matter expert for security design and implementation
- Oversight and leadership for complex security projects
A Bachelor’s degree preferably in computer science or related subject.
A CISSP (Certified Information Systems Security Professional) is preferred for this role and degree with the relevant years’ experience. Knowledgeable and experienced in compliance with Information Security standards such as ISO/IEC 27001/27002/27003/27005, NIST, Sarbanes-Oxley (SOX), GDPR, Data Privacy requirements.