As an Information Security Architect, you are responsible for evolving H-E-B's technical security strategy and architecture by developing solutions, frameworks, and plans in order to meet our growing and evolving needs. You will work closely with other Info Security team members to develop and implement a comprehensive info security program, to include defining security policies, processes, and standards. In coordination with security analysts, you will work with the IT department to select and deploy technical controls to meet specific security requirements, and define processes and standards to ensure that security configurations are maintained.
Do you have a:
HEAD FOR BUSINESS... expertise to provide architectural direction for multiple, concurrent projects?
HEART FOR PEOPLE... interpersonal skills to interact across all business functions?
PASSION FOR RESULTS... an ability to understand and apply future technology and operational trends?
We are looking for:
- one or more certifications in Info Security Architecture
- leadership skills
What is the work?
Security / Development:
- Serves as a security expert in application development, network, and / or platform (operating system) efforts helping project teams comply with enterprise and IT security policies, industry regulations, and best practices
- Creates and maintains enterprise security standards applicable to all technologies in the portfolio
- Develops security processes and procedures, and supports service-level agreements (SLAs) to ensure that security controls are managed and maintained
Strategy:
- Provides architectural strategy and subject matter expertise in a broad range of IT security disciplines, including network security, data protection, malware defenses, security analytics, identity and access management, compliance, endpoint and mobile security, third-party software-as-a-service integration, infrastructure as a service, cloud, and secure coding lifecycle
- Works closely with business units to develop technically feasible long-term IT strategies and plans
- Ensures execution of multi-year strategies and alignment of projects, tasks, and framework to the strategic security roadmap
- Works with info security leadership to develop strategies and plans to enforce security requirements and address identified risks
- Works closely with the other technology architects to ensure that security is properly provisioned in their technology domains and patterns
- Reviews / approves technology projects for adherence to security policies as part of the Architecture Review Board (ARB) process
- Determines security requirements by evaluating business strategies and requirements, researching Information Security standards, conducting system security and vulnerability analyses, and risk assessments
Preferred Education and Experience
- A related degree or comparable formal training, certification, or work experience
- One or more certifications in Information Security Architecture (e.g., Zachman, TOGAF, Information Technology (IT) Service Management [ITSM])
- Experience in / knowledge of developing and documenting Security Architecture and plans, including strategic, tactical and project plans
- Experience with and application of common Information Security management frameworks, such as International Organization for Standardization (ISO) 27001/2 and the ITIL, COBIT, and National Institute of Standards and Technology (NIST) frameworks
- Experience in managing a small team of 2-3 Security Architects
- IT Security Certifications, such as CISSP or GIAC
- Expertise in secure coding practices, threat modeling, Security Architecture, vulnerability management, enterprise security, application security, incident management, security incident, networking, information technology operations
- Expertise in data-protection software and hardware solutions including application, database, and file level encryption and tokenization solutions
- Experience as a Security Architect involving various Cloud and / or Mobile and integration technologies
- Experience with Security Architecture reviews, risk assessments, developing security requirements, and strategies
- Experience with enterprise-level security assessments, including performing security and vendor risk assessments for SaaS, PaaS, and IaaS
- Experience with server security (web servers, app servers, PKI, OWASP Top 10, etc.)
- Experience with applicable control frameworks and compliance mandates, such as PCI and / or HIPAA
- Experience in architecting / implementing complex security-based solutions
- Experience in Unix and web-related programming or scripting languages, such as Perl, PHP, Shell Scripting, J2EE, .NET, C#, JSP, and ASP
Preferred Key Competencies
- Excellent technical knowledge of mainstream operating systems (e.g., MS Windows, Macintosh, Linux) and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools
- Familiarity with multiple architectural, developmental, and operational methodologies (e.g., Zachman, TOGAF, Information Technology (IT) Service Management [ITSM])
- Knowledge of data-protection mechanisms, including an understanding of cryptographic algorithms such as AES, 3DES, RSA, ECC, SHA, etc.
- Knowledge of project management fundamentals; experience creating / managing project plans, including budgeting and resource allocation
- Knowledge of and experience with key management protocols, techniques for effective key management, and industry-standard guidelines from X9, NIST, etc.
- Excellent speaking, presentation, and writing skills
- Strong leadership skills
- Ability to understand the customer's business problem, need, or opportunity and to design an IS solution that appropriately addresses it
- Ability to provide architectural direction for multiple large-sized projects concurrently
- Ability to estimate financial impact of technical architecture alternatives
- Ability to understand future technology or operational trends as they relate to and support customer business requirements ('trusted advisor' role)
- Ability to comprehend business imperatives
- Proficiency in performing risk, business impact, control, and vulnerability assessments
Physical and Other Requirements
- Function in a fast-paced, retail, office environment
- Travel by car or plane with overnight stays
- Work extended hours; sit for extended periods