Director, Information Security Architecture & EngineeringRacine, Wisconsin Job ID 11665 Apply
The Director, Security Architecture & Engineering, is an integral part of a Global Information Security (GIS) Department and plays a vital role in protecting and advancing our global security posture reporting to the Global Chief Information Security Officer. The Director collaborates with a multi-disciplinary teams of technology professionals to secure the firm’s internal and external information and technology infrastructures (on premise and cloud), including the on-going maintenance and management of hardware and software that powers the firm’s internal/external security platforms.
The ideal candidate for this role will demonstrate strong leadership skills, have technology expertise and a strong ability to assimilate new information quickly, and highly effective communications skills driving to win-win outcomes with IT and business partners.
This leader will ensure the information security architecture is safeguarding and enabling the global business operations through the ability to articulate a strategic vision based on business needs. She or he will achieve that through effective execution of the roadmaps through the security engineering team.
She or he will optimize team processes to ensure efficient and effective delivery of services in a 24x7 ‘follow the sun’ operating model. This position will also own GIS tactical and strategic Roadmaps and GIS Architecture framework.
We are seeking a professional with a background in all aspects of security architecture including network, application, cloud, digital identity, social and mobile. The Director is responsible for providing input on information security policies, procedures, and strategies.
She or he will work collaboratively with the Enterprise Architecture team, and report dotted line to the Chief Enterprise Architect, to define and implement appropriate security requirements based on an overall Enterprise Architecture. She or he will also work closely with Infrastructure and Operations, Application Management, and Information Management to ensure alignment. They will also help represent information security on various projects and boards including but not limited to Architecture Review Board, PMO Gate Review Board.
Basic understanding of departmental budget and resource management as well as understanding of ITIL processes is required to enable successful delivery of Security Programs and initiatives.
Essential Duties and Responsibilities:
- Lead the analysis, requirement development, design, and implementation of authentication and authorization policy governance for new and existing applications
- Lead a team of Security Architects & Engineers and establish the overall Information Security Architecture.
- Provide IT security technical and project leadership for fine grained solutions including developing robust security reference architectures.
- Develop guidelines and processes to govern a centralized application security model
- Lead the analysis, requirement development, design, documentation, implementation, and maintenance of complex IT solutions
- Provide technical and/or project leadership function for assigned security projects including; the protection of information systems assets, corporate information, and intellectual property
- Work within the framework of established operating procedures to implement security measures for the business information assets
- Leverage existing solutions and global design to drive standardization and simplification to reduce implementation timelines and costs
- Communicate security standards and policies
- Identify critical path decisions, make recommendations, and influence program leaders/business process owners
- Estimate costs and schedules and recommend resource required and solutions to problems
- Proactively collaborate with management in developing strategic direction, setting objectives, and setting realistic and challenging goals
- Interface with internal and external contributing organizations
- Act as a technical advisor and subject matter expert to internal stakeholders and partners.
- Maintain a superior knowledge of the cyber security capabilities of operating systems, networking devices, control systems, and vendor offerings.
- Maintain a working knowledge of applicable cyber security standards involving critical infrastructure, including those relating to process networks
- Understand technical issues and the implications to the business and be able to communicate them to management and other business leaders
Required Skills / Experience / Competencies:
- Bachelor’s degree in Computer Science, Management Information Systems or related Technology or Business degree
- 10+ years of experience as an IT or Information Security Professional with relevant experience in Information Security Architecture and Engineering
- Experience managing a delivery function or team in either an IT or Information Security enterprise environment
- Well versed in industry standard frameworks such as NIST, Mitre ATT&CK, ISO 27001-x, OWASP etc. and comfortable in ensuring these frameworks are adopted through Project Lifecycles.
- Cloud foundational security and CSA and CSF framework as well as IaaS, PaaS and SaaS proficiency
Preferred Skills / Experience / Competencies:
- Advanced Degree is preferred
- Familiarity with Architectural Frameworks such as TOGAF, Zachman DoDAF, SABSA etc.
- Familiarity with Identity Federation technologies including experience integrating large scale identity solutions
- Fundamental understanding of PKI, virtualization, IAM
- Well versed in solving challenges around IT and OT delineation and IoT segmentation.
- Ability to train, manage and assist co-workers on all aspects of security awareness, controls and compliance
- Information security and data protection skills
- Ability to effectively work in a matrix management environment
- The ability to lead large groups and be a primary facilitator
- Ability to lead and shape stakeholder expectations
- Help drive pursuits and engage in complex deals, matching outcomes to expectations
- Ability to work easily with diverse and dynamic teams
- Ability to influence and build consensus with other IT teams and leadership
- Demonstrated initiative to stay abreast of technology advancements
- Able to earn respect as trusted advisor for business, legal and governance.
- Superior written, presentation, and verbal communication skills
- Exceptional organizational, interpersonal and team skills
- Ownership orientation to solving problems
SC Johnson & Son, Inc. is an equal employment opportunityand affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, status as a qualified individual with a disability, marital status, pregnancy, sexual orientation, ancestry, genetic information, or any other characteristic protected by law.
If you are an individual with a disability and you need an accommodation or other assistance during the application process, please call our Human Resources department at262-260-3343or email your request to SCJHR@scj.com. All qualified applicants are encouraged to apply. Download the EEO is the Law posterfor more information.