A brief description summarizing the overall purpose and objectives of the position and the results the worker is expected to accomplish.
The Security Architect provides leadership and oversight to the delivery of security architect services to PDC in both the Information Technology (IT) and Operational Technology (OT) environments. It will be the Security Architect’s responsibility to protect the confidentiality, integrity and availability of information systems by instituting and proliferating security best practices and patterns throughout all IT projects and operations. Additionally, this role will identify and lead initiatives to drive improved security operations and to improve the overall security posture and maturity of the IT organization. The Security Architect will establish strategic security controls and reusable patterns/standards for IT security. This role also ensures that the patterns/standards are considered and enforced in the project life cycle and in day-to-day IT operations.
The tasks, duties, and responsibilities of the position that are most important to get the job done.
- Design and develop an Enterprise Security Architecture to mitigate the risks presented by the ever-changing threat landscape unique to the organization;
- Ensure that secure architectural solutions are incorporated into every aspect of enterprise architectures supporting the organization’s key business processes and organizational missions;
- Responsible for defining the technical design specifications and operational practices for on-premise, cloud and OT environments;
- Work collaboratively with IT to build, test and implement security systems;
- Evaluate enterprise security infrastructure and ensure the disparate components are well integrated, secure, and operating efficiently;
- Design and incorporate security controls in new, legacy, and in-progress environments undergoing general IT transitions/upgrades ;
- Translate technical risk issues and distill such issues to IT and business leaders;
- Serve as a key technical interface, performing liaison functions between leadership and technical teams;
- Coordinate and administer documentation for security processes/procedures/standards for the IT department;
- Provides security subject matter expertise on cloud architecture control implementation;
- Ensure system security requirements are established and maintained for operations;
- Review current system security measures and recommending and implementing enhancements;
- Conduct regular system tests to ensure continuous monitoring of network security ;
- Develop security requirements, perform security risk assessments, system analysis and review security systems design;
- Support security testing and evaluations including; system hardening, vulnerability testing, security event monitoring, web application scanning, and other technical security assessment work;
- Possess a thorough understanding of complex IT and OT systems and stay up to date with the latest security standards, systems and authentication protocols, as well as security best practices;
- This position may also apply advanced forensic tools and techniques for attack reconstruction;
- Other duties, not listed, may be assigned by the Director, Information Security.
KNOWLEDGE, SKILLS AND ATTRIBUTES
The specific minimum competencies required for job performance.
- A self-starter accustomed to working in an environment with technical uncertainties, business ambiguities and solving anticipated future business-relevant problems;
- Must be able to clearly articulate security requirements to all levels within the organization;
- Experience authoring reports, data flow diagrams, and Visio drawings for security systems and networks;
- Solid understanding of security protocols, cryptography, authentication, authorization and security;
- Experienced with implementing security requirements within technologies such as firewalls, IDS/IPS, SIEM, malware protection, application whitelisting, VPNs, remote access, CASB, SaaS, IaaS, and PaaS;
- Experienced with information security practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies;
- Experience implementing multi-factor authentication, single sign-on, identity management or related technologies;
- Expertise in designing and architecting information technology and security controls across complex and diverse applications and infrastructures;
- Must be organized, detail-oriented, deadline-driven, and able to handle multiple responsibilities in a fast-paced environment;
- Ability to work with wide range of people and to take responsibility and function under minimal supervision;
- Ability to think strategically, with good interpersonal and organization skills;
- Advanced technical skills – both breadth and depth;
- Technical aptitude and critical thinking skills while having the ability to think outside the box;
- Strong interpersonal and communication skills and experience in working collaboratively with different teams.
The scope of the person’s authority, including a list of jobs that report to the incumbent.
This position has no supervisory responsibilities
The environment in which the job is performed, especially any unique conditions outside a normal office environment.
- Consistent with that of a normal office environment;
- Ability to routinely lift up to 50 lbs;
- Availability during non-working hours (e.g. participation in 24X7 on-call rotation);
- Required to work on-call during planned maintenance and/or emergencies;
- Infrequent travel to all PDC offices required (~10%).
The minimum level of education, experience, and certifications required to perform the job.
- Bachelor’s degree in computer science, information security or related field required;
- Advanced degree in computer science, information security, or a related field preferred (MS, MBA, etc.);
- Minimum of 7 years’ experience in information security or information technology;
- Minimum of 5 years’ direct experience in an information security specific role (Security specialist, engineer, architect or administrator);
- Industry certifications such as: CISSP, CCSP, CISM, GSEC, GICSP, or GCED.