We believe in the power of people. We are a network strategy and technology company that is motivated by making a difference in people’s lives – their productivity, their creativity, their health and comfort. That’s why our engineers design and implement technologies that allow people to do great things.
Can be based remote in the United States or Canada
The Senior Cybersecurity Architect reports to the Director, IT Risk Management and Cybersecurity and is a member of the IT Risk Management and Cybersecurity team. This individual is an advocate for Ciena’s information/cybersecurity needs and is responsible for improving and optimizing the security posture of the company. This position requires a strong, knowledgeable individual to help secure the company’s information assets. This position is responsible for understanding the IT enterprise and securityarchitecture and have the ability to identify security gaps, develop controls, determine functional and non-functional security requirements and design solutions that meet business objectives and complying with security standards. This position will also analyze, recommend and implement security solutions. The Sr. Cybersecurity Architect will establish and maintain enterprise IT security standards through policy, architecture and training process.
The position is a key role working directly with the Director, IT Risk Management and Cybersecurity to deliver a cohesive, actionable strategy to drive improvements and changes in our overall cybersecurity team. This includes, but is not limited to the development of information security policies and processes, threat and vulnerability management, penetration testing, cloud security and IT securityawareness. The individual will be responsible for working with various stakeholders across IT and the organization to develop securityarchitectures, roadmaps, and drive implementation. This individual will ideally have experience with cloud security. This role requires that the individual possess superior technical capabilities and communication skills.
PRIMARY DUTIES AND RESPONSIBILITIES:
Information/Cyber Security Architecture
- IT Risk Management and Cybersecurity Strategy.
- Analyze technology industry and market trends (including breach and cyber-attack trends) determine their potential impact on the enterprise.
- Researches and evaluates new security technologies and integrate into securityarchitecture design and/or roadmaps
- Analyze the current technology environment/infrastructure to detect critical deficiencies and recommend solutions for improvement.
- Advises on policies, procedures, standards and guidelines related to IT Security and Risk Management (including supporting ISO, NIST, SOX and HIPAA requirements).
- Establish annual security and compliance goals, define a securityarchitecture, define security strategies and standards
- Evaluates and articulates the business benefits of security-related investments.
- Provides input to overall IT roadmap exercises, focusing on security capabilities.
- Collaborates with Infrastructure and Application Architects to ensure all services roadmaps incorporate security standards.
- Security Architecture and Security Solution Design.
- Reviews and updates all logical and physical architectures.
- Identifies securityarchitecture approach (reference architectures, standards, etc.)
- Provides recommendations on the selection, development, deployment, monitoring and/or improvement of a security-related technology
- Review existing securityarchitectures, identify gaps, and recommend security improvements. Serves a point of contact for our cybersecurityarchitecture.
- Participate/lead architectural reviews as required
- Provide solution input to long term fixes that may include security gaps or remediations
- Create detailed, professional documentation related to securityarchitecture and security programs
- Serve as information/cybersecurity subject matter expert, trusted advisor; provide advisory and consulting services as needed
- As a Security Solution architect, leads from conceptualization to implementation, larger security focused initiatives.
- Collaborate with Infrastructure and application team to ensure appropriate security policies and standards are applied
EDUCATION and EXPERIENCE Requirements:
- Bachelor’s degree or equivalent experience in Cybersecurity, Information Secuirty, Computer Science, Management Information Systems and/or Engineering from an accredited institution.
- 5-7 years of experience in Information Technology (IT), with a minimum of 3 years of experience information security/cybersecurity or risk management function focused on cybersecurityarchitecture and experience designing and implementing security solutions
- In-depth knowledge of application security, infrastructure and networksecurity, identity and access management, threat and vulnerability management and securityarchitectures.
- Recent experience in emerging technologies such as cloud and cloud security.
- Experience with ISO/IEC 27001/2, NIST and COBIT frameworks and/or standards
- Applicable certification (e.g. CISSP, CISSP-ISSAP, CEH)
- Excellent verbal and written communication skills, collaborative work style
- Strong analytical and problem-solving skills
- Excellent judgment and intellectual integrity. Unbiased toward any specific vendor or technology choice; is more interested in results than personal preferences
- Occasional travelrequired