Senior Security Architect

10-15+ years experience - Understands Security Architecture Compliance. Enterprise Vulnerability Management, IOT/OT. Primary Responsibilities

• Review existing security architecture, identify design and policy gaps, and recommend security enhancements to enterprise business and process control networks
• Design and implement action plans for policy creation and governance, system hardening, monitoring, incident response, disaster recovery, and emerging cybersecurity threats.
• Defines and develops security requirements using risk assessments, threat modeling, testing, and analysis of existing systems.
• Stay abreast of current and emerging security threats and design security architecture to mitigate them
• Follow and understand emerging security technologies and integrate them into security architecture as needed
• Ensure alignment between security architecture frameworks and standards and overall strategy
• Interface with IT leads to maintain and evolve standards for third party and supply chain security risk.

• Serve as an information security expert and trusted advisor to partners in IT and the business
• Plan, design, and implement security solutions and capabilities to scale that enable the organization to identify, detect, respond, and recover from cyber threats and vulnerabilities.
• Develop, consult, advise and execute the security program, as both driver and team player
• Oversee the information security technology stack, from an infrastructure, application, and service perspective
• Own and execute the enterprise vulnerability management program by overseeing vulnerability management solutions. Partner with enterprise IT teams and compliance teams to set the direction and prioritization for discovered vulnerabilities.
• Achieve security architecture compliance on requirements, including, but not limited to, Sarbanes-Oxley, NIST, global data privacy requirements and state and federal regulations. Education Requirements: Bachelors’ degree from an accredited institution.

• Senior-level experience in an enterprise IT environment, preferably with an understanding and experience supporting a manufacturing company
• Experience securing edge compute stacks (we’re looking at hardware convergence at our sites to host Level 3 and Level 4 environments using logical separation)
• Demonstrated experience with IOT and OT security concepts and challenges
• Demonstrated experience with vulnerability management concepts and technology, as well as driving change through policy and engagement
• Experience with Active Directory Group Policy at Enterprise-scale
• Looking for an engaging leader, with strong communication skills that can engage both business and technical teams.