DescriptionWe are seeking a Product Cyber Security Architect to champion information security for S&C’s cyber security vision for product development to include embedded IOT devices as well as, cloud-based, desktop and mobile applications. The skillset requires a technical understanding of cyber security best practices, implementation with the ability to clearly communicate direction to other cyber architects and corporate leaders. Prior experience with information security management is essential for this position. Cyber security experience maintaining critical infrastructure is preferred. The successful candidate will join a high-performance and cross-functional team.
Responsibilities of this position include, but are not limited to, the following:
- Champion cyber security best practices and set the technical vision and implementation of S&C’s corporate-wide information security program within the product development domain..
- Participate in ongoing activities and strategic planning efforts intend to address emerging security threats and to further enhance S&C’s cyber posture
- Develop policies and procedures that will enhance product cyber security and mitigate emerging threats through multi-year roadmaps
- Building consensus and establishing collaboration with team members from every department in S&C.
- Development of cyber security risk assessments
- Develop cybersecurity test procedures and participate in cybersecurity vulnerability scans/assessments using common tools.
- Assist in developing cyber security educational material
- Outstanding analytical skills and the initiative to remain current with new changes in the cyber security technical field.
- Participate in evaluating proposed projects, software vendors, and S&C business practices for potential cyber concerns, and assist in the development of policy and procedure to address the concerns
- Participate in Cybersecurity code reviews
To select this job as one of interest to you, at a minimum, you must have the following:
- Experience with common security tools for detecting and monitoring vulnerabilities
- Experience with embedded systems and cloud-based applications
- Excellent communication skills and ability to relay technical information at all levels of S&C
- Understanding of industry standards including the following:
- NIST – 800-53 Security Controls
- NERC CIP
- ISO 27001
- Bachelor’s degree in computer science or other related technical degree and. relevant cyber security certifications.
Relevant Work Experience:
- 10 years of experience as a cyber security or systems architect in a product development environment.
- Industry experience with applicable product cybersecurity standards such as IEEE 1686, NIST 800-53, IEC 62351, and NERC-CIP
- Industry experience working with cybersecurity working groups (e.g., IEEE, NIST, IEC, etc.)
- Experience with implementing product cybersecurity and data security controls
- Ability to map necessary cybersecurity requirements to new products based on risk and cost factors
- Current CISSP certification is desirable
MAJOR PHYSICAL DEMANDS
- Physical demands are those normally associated with an office environment
- Travel may be required to S&C’s manufacturing locations and/or to customer