Principal Cyber Security Architect

Description

Key Accountabilities

Innovation

Perform research activities to identify emerging technologies and trends that may affect the enterprise.

Maintain awareness of vendor / product industry developments, regulations and trends and identify potential impacts to the enterprise.

Evaluate and recommend security solutions that meet the organization's requirements, budget, and risk management goals.

Design and oversee efforts in building effective bank specific Proof of Concept demonstrations and socialize the results.

Develop and maintain strong relationships with business domain leadership to keep track of changing business needs and priorities.

Provide technical / business consulting to internal departments and client-sponsored activities outside of Technology Services.

Strategy

Provide technical / business consulting to internal Technology organizations and client-sponsored activities outside of Technology.

Analyze the business drivers that determine key architecture requirements.

Develop and maintain a comprehensive security strategy and roadmap that aligns with the organization's goals and objectives.

Develops and maintains strong relationships with key vendors and business leaders to rack changing business needs and priorities.

Contribute to cyber security organization by developing reference architectures, training / certification material etc.

Governance

Design and / or implement security architecture that aligns with business needs, industry best practices, and regulatory requirements

Facilitate and develop and maintain security standards for key technologies that meet regulatory compliance and industry standards

Facilitate the development and evolution of the architecture and global governance processes.

Define and facilitate the process for approving architecture principles and standards.

Develop different methods to communicate effectively and analyze cyber security metrics to identify improvement opportunities

Mentor technology team members in the principles of Security Architecture.

Identify potential security risks and vulnerabilities, assess their impact, and identify measures to mitigate them.

Education, Experience, & Skill Requirements

12+ years in network, information systems, information security, application engineering or architecture

Deep understanding of network security and commercial infrastructure security concepts.

Strong knowledge of security controls and risk management frameworks & models.

Strong working knowledge with identity and access management, cloud, data protection, endpoint, infrastructure, application, network, and container security best practices.

Experience with secure cloud web application implementation and product development.

Experience with DevOps, DevSecOps, and Agile SDLC methodologies

Experience in scripting / coding to automate operational processes and system integrations

Experience with static code analysis tools and open-source security and license management tools.

Must be able to evaluate & apply concepts of risk management and prioritization models for security related risk items.

Capable of working under pressure in a continually changing environment.

Strong inter-personal skills are required to work across the organization and interface with the business including internal and external audit to ensure security controls are in place and effective.

Ability and desire to stay current with emerging cybersecurity technologies, best practices, recommendations, and events and incorporate these into processes, procedures, and policies where it makes sense.

Expert problem solver with strong analytical, troubleshooting, critical thinking, and problem-solving skills

Strong written and verbal communication skills, work ethic and positive attitude

Ability to work alone with minimal supervision effectively and efficiently

BA / BS degree in Computer Science, Information Systems or a related technical field, or the equivalent combination of education and experience;

CISA, CISM, OSCP, or CISSP certifications a plus.

Key Metrics

Enhances security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members;

teaching improved processes; mentoring team members.

Plans security systems by evaluating network and security technologies; develops security requirements for servers, workstations, local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related devices;

designs public key infrastructures (PKIs), including use of certification authorities (CAs), digital signatures & hardware and software

Adheres to industry guidelines, best practices, & standards; automates repeatable tasks, including security control enforcement

Prepares system security reports by collecting, analyzing, and summarizing data and trends.

Enhances department and organization reputation by exploring opportunities to add value to security strategy and objectives.

Job Family

Information Technology

Company

Vistra Corporate Services Company

Locations

Irving, TexasTexas

It is the policy of the Company to comply with all employment laws and to afford equal employment opportunity to individuals in all aspects of employment, including in selection for job opportunities, without regard to race, color, religion, sex, sexual orientation, gender identity, pregnancy, national origin, age, disability, genetic information, military service, protected veteran status, or any other consideration protected by federal, state or local laws.