Position located in Allentown, PA or Washington, D.C.
The Cyber Security Architect sets direction and rules for enterprise-wide management IT security risk (e.g., DLP, IDS, NERC CIP), measure outcomes, and directs the applicable management action.
The Lead level is recognized as an expert in own area within the organization and works independently, under minimal guidance from supervisor. Progression to Lead level is limited on the basis of business requirement.
The Principal level is recognized as an expert within the organization and works independently to skillfully balance security best practices against business drivers, with an evaluation of risk and cost. Uses extensive technical knowledge discipline to proactively solve unique and complex cybersecurity problems that have a broad impact on the business. Leads project teams to achieve milestones and objectives. Trains and develops subordinate staff. Progression to Principal level is limited on the basis of business requirement. May supervise a limited number of individual contributors.
Leads projects, analyzes and solves complex problems, and recommends solutions in the below areas.
Cybersecurity Architecture Design:
? Develop, document, manage and implement an Enterprise wide Security Framework, Strategy and Roadmap, that outlines and defines the tactical, operational and strategic plan for cyber security ? Develop a working catalog of cybersecurity systems after assessing in-use network and security technologies ? Design and develop logical and physical security architectures, reference models, and reference architectures ? Determine how the components included in a system architecture should be organized to ensure that security requirements are met ? Design public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software Principal Level: Detailed knowledge of Security Architecture principles and ability to lead a team of Security Specialists in the development of capability roadmaps
? Determine security requirements by evaluating business strategies and requirements ? Identify functional and technical cybersecurity requirements, integration needs and prepare cost estimates ? Integrate technical, managerial, and financial considerations when sponsoring solutions Principal Level: Technical acumen and experience in implementing secure business technology, including finance, human capital management, logistics, supply chain and corporate functions Thought Leadership:
? Track and understand emerging cybersecurity practices and standards by participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations ? Research information security standards, conducting system security and vulnerability analyses, and risk assessments, studying architecture/platform evolution ? Develop criteria to assess and validate IT security risks (e.g., DLP, IDS, NERC CIP) and relevant security architectures ? Provide technical and thought leadership for the development of security architectures ? Apply a working knowledge of security models and methods for integrating security into a system architecture Principal Level: Ability to influence a significant transformation in the security practices across business technology platforms System Testing:
? Assess security system performance and review compliance and incident response reports to ensure compliance to standards, policies, and procedures ? Identify security gaps, and evaluate enhancements ? Provide oversight to collection and analysis of system security reports and summarize data and trends Problem Resolution:
? Assist in resolving security problems through the appropriate choice of error detection and correction, process control and improvement, or process design strategies Physical presence in the office/on-site to engage in face-to-face interaction and coordination of work among direct reports and co-workers.
May be assigned an Electric Utilities emergency and storm role. This is a special assignment that comes into play during storms and other emergencies when the company needs to restore power or respond to other issues affecting customer service. This role may necessitate the need to work after-hours, outside of your normal schedule.
Candidates must meet the basic qualifications and pass all required tests or assessments to receive consideration.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility form upon hire.
Basic Qualifications for Lead Level:
? Bachelor's degree and 7 years of related work experience OR 10 years of related work experience ? Experience with NIST, NERC CIP, SOX and PCI requirements ? Proven ability to prioritize and execute tasks ? Highly self-motivated and directed with attention to detail ? Easily adapts to changing circumstances ? Understands business goals and strategic priorities ? Promotes respect and can work effectively with diverse groups and environments Basic Qualifications for Principal Level: ? Bachelor's degree in related technical discipline. ? More than 15 years experience in related technical discipline and approval of the Chief Information Officer or higher. ? Certified Information Systems Security Professional- CISSP ? Experience with NIST, NERC CIP, SOX and PCI requirements ? Proven ability to prioritize and execute tasks ? Highly self-motivated and directed with attention to detail ? Easily adapts to changing circumstances ? Understands business goals and strategic priorities ? Promotes respect and can work effectively with diverse groups and environments Preferred Qualifications
Preferred Qualifications for Lead Level:
? Experience supporting fast-changing business organizations ? NERC CIP Compliance Analysis Certification, System Operator Certification, Certified Information Systems Security Professional (CISSP), GIAC Critical Infrastructure Protection Security Certification Preferred Qualifications for Principal Level: ? Master's degree in related technical discipline or MBA Equal Employment Opportunity
Our company is an equal opportunity, affirmative action employer dedicated to diversity and the strength it brings to the workplace. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, national origin, protected veteran status, sexual orientation, gender identify, genetic information, disability status, or any other protected characteristic.