Cyber Security Architect:

WORK ILLUSTRATION:

The Contractor, IT Enterprise Cyber Security Architect is responsible for leading and promoting the Enterprise Architecture process within the organization, including the creation of governing principles, policies, standards, and procedures to guide solution, decision-making for the organization and support the development of an implementation plan for security architecture designs within the Enterprise Architecture framework.

A successful candidate will drive and create innovative solutions to solve complex technical and technological challenges in order to ensure the highest level of reliability, efficiency, and security of IT systems.

Candidates will be responsible for developing and updating Security Standards, Policies, and training awareness programs and for driving and creating innovative solutions to solve complex technical and technological challenges.

.

The successful candidate will have extensive knowledge and experience in the architecture of the following domains and their application to IT and OT environments:

Cyber Security

Cybersecurity advisory

Identity and Access Management

Data Center & Campus Networking

Cloud Security & Networking

Network Security

Endpoint & Host Security

Data Security

Vulnerability Management

Advanced Metering Infrastructure (AMI)

OT/ICS and IoT Security

The incumbent is expected to behave ethically and follow the established code of business conduct, policies and internal control procedures, laws and regulations governing the client..

KEY RESPONSIBILITIES:

-Develop and maintain security architecture artifacts (e.g. models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.

-Maintain and enforce industry leading architectural standards, policies and procedures and gain approval from IT Senior Management/Executives

-Lead technical Proof of Concepts for Cyber Security technologies

-Manage and audit IT project execution technical governance to ensure technical standards compliance and/or manage and track exceptions

-Lead new Cyber Security architecture and design / modernization discussions

-Participate in support on end-to-end problem resolution and root cause analysis in collaboration with other functional groups, business units and vendors

-Support the Cyber Security Operations team with incident management and problem management issues

-Communicate complex technical issues in an easily understood language orally and in writing to diverse stakeholders

-Ensure security policies, standards, and principles are applied for all environments and, where required, across partner relationships.

-Review and recommend enhancements to current system security measures from enterprise architecture perspective.

-Support & update the IT Asset Management model for Cyber Security assets, including life cycle and framework (aligned to corporate goals) that drive/improve IT system reliability, quality and timeliness of IT service, cost and/or security

-Support the development of IT foundational technology security strategy and system plans, including conducting technical research, trending analysis, specifications and the creation of white papers

-Provide technical leadership for solution design architecture to support business cases and problem/incident management

-Reviews and approves technology related strategies, roadmaps, architectures, policies, standards, and designs for compliance with the Enterprise’s security architecture.

-Stays abreast of current and emerging security technologies and security threats, and proposes and recommends enhancements to security architecture to mitigate risks.

-Guide IT Business units through risk management and cyber assessments.

Serve as a security subject matter expert in discussions with key business and IT stakeholders.

COMPETENCIES:

• Post-secondary technical degree (e.g. Computer Science, Computer Engineering) or other relevant professional designation, or a combination of equivalent related training and applicable experienceFive to ten (5-10) years of experience in Cyber Security Enterprise Architecture Five years of experience developing reference documents such as security architectures, policies, directives, standard, and guidelines.
• Five years of experience in recommending Security designs, reviewing or approving designs, and conducting Security Risk Analysis
• Knowledge of:

-Enterprise security architecture & risk management frameworks

-Cyber Security standards such as: NIST 800-53, ISO 27001/27002, SOC 2

-Various cyber based concepts such as Identity and Access Management, Vulnerability and Threat Management, Zero Trust Architectures, Data Loss Prevention, etc.

-Tool and techniques to secure cloud-based workloads

• Experience with utilities specific operational systems (e.g. SCADA, ADMS, AMI is a plus)
• Experience with designing solution for emerging technologies such as Battery Storage, Energy Storage, Charging Station, Protocols and standards.
• Experience supporting the system implementations for both operational initiatives and strategic projects related to Cyber Security.

Strong knowledge of cybersecurity principles, techniques, technologies, and controls

Strong analytical and critical thinking skills

Solid understanding of security-enabling technologies across the development lifecycle

Expertise with cloud platforms such as Azure and AWS

Strong experience analyzing data outputs from network security systems

Knowledge of and experience working with data privacy regulations

• Knowledge of Incident and Problem Management, Technical Governance structures, ITIL and SDLC Frameworks
• Strong interpersonal and communication skills, both written and verbal
• Works towards continuous improvement and productivity as essential drivers of long-term sustainability.