Share this Job

Cybersecurity Architect

Date: Apr 11, 2019

Location: LAKE FOREST, IL, US, 600455202

Company: Grainger

 

 

Primary Function

 

The Cybersecurity Architect designs and develops system concepts and works on the capabilities phases of the systems development lifecycle. Translates technology and environmental conditions into system and security designs and processes.

 

 

Principle Duties and Responsibilities

  • Consider user needs and business requirements to plan system architecture.
  • Collaborate with Solution and Domain specific Architects to select appropriate design solutions or ensure the compatibility of various system components.
  • Attends and represents the Cybersecurity Engineering team during collaboration and planning meetings
  • Define and prioritize essential system capabilities or business functions required for partial or full system restoration after a catastrophic failure event.
  • Develop information assurance designs for systems and networks with multilevel security requirements based on Grainger's data classification standards.
  • Document and address Grainger's information security, information assurance architecture, and systems security engineering requirements.
  • Document design specifications, installation instructions, and other system-related information.
  • Ensure all definition and architecture activities (e.g., system lifecycle support plans, concept of operations, operational procedures and maintenance training materials) are properly documented and updated.
  • Evaluate current or emerging technologies to consider factors such as cost, security, compatibility, and complexity.
  • Identify the protection needs (i.e. security controls) for information system(s), network(s) and document appropriately.
  • Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
  • Advise on project costs, design concepts, or design changes.
  • Provide input on security requirements to be included in statements of work and other appropriate procurement documents.
  • Translate proposed technical solutions into technical specifications.
  • Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.
  • Document and prioritize technical risks throughout the system lifecycle.
  • Define and document maturity metrics in alignment with NIST security controls

 

Knowledge Areas and Experience

  • Effective communicator who can effectively demonstrate the abilities to connect, listen, patience, adapt, tolerance and emotional intelligence.
  • Consistent in verbal and written communication.
  • Ability to connect diverse technology and business members though mentoring and education of cybersecurity methods and techniques. 
  • Experience in computer networking concepts and protocols, and network security methodologies.
  • Proficiency and knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.
  • Proficiency in cybersecurity principles and ability to effectively communicate these principles to technical and non-technical audiences.
  • Knowledge of cyber threats and vulnerabilities.

 

Specialties, Skills and Abilities

  • Knowledge of authentication, authorization, and access control methods.
  • Knowledge of cryptography and cryptographic key management concepts.
  • Knowledge of embedded systems and internet of things.
  • Knowledge of how system components are installed, integrated, and optimized.
  • Knowledge of industry-standard and organizationally accepted analysis principles and methods.
  • Knowledge of information assurance principles and organizational requirements to protect confidentiality, integrity, availability, authenticity, and non-repudiation of information and data.
  • Knowledge of information technology architectural concepts and frameworks.
  • Knowledge of information technology security principles and methods (e.g., firewalls, demilitarized zones, encryption).
  • Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]).
  • Knowledge of network design processes, including security objectives, operational objectives, and tradeoffs.
  • Knowledge of client and server operating systems.
  • Knowledge of secure configuration management techniques.
  • Knowledge of key concepts in security management (e.g., Release Management, Patch Management).
  • Knowledge of security system design tools, methods, and techniques, including automated systems analysis and design tools.
  • Knowledge of technology integration processes.
  • Knowledge of the systems engineering process.
  • Skill in applying and incorporating information technologies into proposed solutions.
  • Skill in determining how a security system should work, including its resilience and dependability capabilities, and how changes in conditions, operations, or the environment will affect these outcomes.
  • Skill in discerning the protection needs (i.e., security controls) of information systems and networks.
  • Knowledge of Personally Identifiable Information (PII) and Payment Card Industry (PCI) data security standards.
  • Knowledge of information technology (IT) supply chain security and risk management.
  • Knowledge of network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth).

 

“Grainger is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, gender identity, sexual orientation, disability, or protected veteran status.”


Job Segment: Risk Management, Information Systems, Developer, Database, Supply, Finance, Technology, Operations

Find similar jobs: