The Integrated Security Architect will oversee the design of processes, concepts, and capabilities for systems related to physical security and cybersecurity.
Ensures that the stakeholder security requirements necessary to protect the organization’s mission and business processes are adequately addressed in all aspects of enterprise architecture (Physical and Cyber) including reference models, segment and solution architectures, and the resulting systems supporting those missions and business processes.
- Develop / integrate physical and cyber security designs for systems and networks with various security requirements for CPS Energy’s regulated and non-regulated environments.
- Responsible for subject matter expertise on security requirements, gaps, risks, and mitigations across various technologies in physical security and cybersecurity including emerging / rare / unconventional technologies and implementations.
- Validation of the effectiveness of controls in mitigating security risks.
- Document and address organization's information security, physical security, cybersecurity architecture and engineering requirements throughout the life cycle of various systems.
- Responsible for gathering and interpreting system requirements, needs, and specifications from Business Units and implementing CPS Energy’s security program requirements into the overall ecosystem.
- Identify, document, and calculate impacts related to system interdependencies specifically related to the cascading effects of risks as applied to the overall ecosystem.
- Define and prioritize essential system capabilities or business functions required for partial or full system restoration after a catastrophic failure event.
- Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
- Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).
- Provide input on security requirements to be included in statements of work and other appropriate procurement documents.
- Identify and prioritize critical business functions in collaboration with organizational stakeholders.
- Analyze and translate business unit needs and requirements to plan architecture.
- Perform other duties as assigned.
Minimum Knowledge and Abilities
- Experience in Cloud and underlying technology (Azure, AWS, GCP, etc.) or advanced technologies supporting physical security.
- Demonstrated experience with security (physical or cyber) systems design, requirements, and strategic implementation.
- Knowledge of security and privacy principles.
- Knowledge of technology integration processes.
- Knowledge of security concepts (e.g., zones of protection, components of a secure system, confidentiality, integrity, and availability).
- Knowledge of Risk Management Framework Assessment Methodology. Knowledge of multi-level security systems and cross domain solutions.
- Skill in implementation of network architecture for Physical and Cybersecurity systems. Skill in applying and incorporating security technologies into proposed solutions.
- Skill in writing test plans.
- Skill in applying security models. Skill to apply security and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Ability to apply the methods, standards, and approaches for describing, analyzing, and documenting an organization's Integrated Security architecture.
- Ability to communicate effectively when writing.
- Ability to conduct vulnerability assessments and recognize vulnerabilities in security systems. Ability to apply an organization's goals and objectives to develop and maintain architecture.
- Valid Class C Texas Driver’s License / Must have favorable driving record.
Minimum Education
Master’s degree in Information Technology, Computer Science, Computer Engineering, or Cybersecurity
Preferred Qualifications
- Deep knowledge of various enterprise level platforms widely used within the security industries.
- Certified Information Systems Security Professional (CISSP).
- Technology based certifications, e.g. MCSE, CCNP, etc.