Cyber Security Solution Architect delivers security architecture expertise, and best practices oversight across complex multi-cloud, multi-partner environments. It entails deep-level architecture reviews, crafting advisory and design reference architectures and secure design patterns. This person is responsible for designing, architecting, and supporting the administration and management of the IT/OT Security infrastructure and protecting its data and assets in accordance with established Information Security and policies, and industry best practices.

Responsibilities:

• Ensure delivery of an enterprise level cybersecurity program.
• Develop reference architectures that can be used to solve common requirements or mitigate trends in security findings in a repeatable way following (and identifying) recommended best practices.
• Lead threat modeling and partner with technical delivery teams to integrate security requirements and practices into solutions.
• Drive security architecture reviews of platforms & applications in complex multi-tenant, multi-provider, and vendor-cloud environments.
• Deliver strategic roadmaps Research and investigate new effective ways of delivering security as code, automation into the existing security architecture assessments and processes and other service delivery optimizations.
• Partner with the IT teams to follow progress on strategic platform initiatives. Proactively manage oversight and pace for the architecture reviews, and promptly address any critical issues that may create risk.
• Ensure assessments are known, documented, and properly performed to produce consistent, timely, high-quality deliverables. Develop and maintain technical proficiency and related certifications for core products and solution areas.
• Experience designing and implementing security solutions for cloud-based systems, including IAM, network security, data protection, DevSecOps and compliance preferred.
• Experience in a role that has designed and implemented NIST 800-53, FISMA and FedRAMP Moderate/High controls is required.
• Strong understanding of cloud security best practices, controls, policies, encryption, authentication, authorization, and audit capabilities.

Qualifications:

• Bachelor's degree or equivalent experience in business, computer science, or management information systems
• 10 or more years of professional experience solving business problems with technology solutions at an energy facility or related industry
• Preferred industry recognized experience in security (e.g., CISSP, CCSK, CISA, CISM, CEH)
• Minimum of 5 years of experience in IT security risk assessments and related frameworks (e.g., NIST 800 series, ISO 27000 series, IT General Controls)
• Knowledge of Identity and Access Management (IAM), Cryptography / Key Management, Access Controls and Security Protocols, secrets modernization, secrets management e.g., Multi-factor, SAML, OAuth, OIDC etc.
• Strong knowledge of the Azure/AWS Infrastructure services.
• Superior written and oral communication skills
• Strong analytical and system design skills
• Self-motivated and directed, with the ability to effectively prioritize and execute tasks in a high-pressure environment