National Grid Security Solution Architect in Syracuse, New York
National Grid is hiring a Security Solutions Architect for our Security Group in Syracuse, NY.
Every day we deliver safe and secure energy to homes, communities, and businesses. We are there when people need us the most. We connect people to the energy they need for the lives they live. The pace of change in society and our industry is accelerating and our expertise and track record puts us in an unparalleled position to shape the sustainable future of our industry.
To be successful we must anticipate the needs of our customers, reducing the cost of energy delivery today and pioneering the flexible energy systems of tomorrow. This requires us to deliver on our promises and always look for new opportunities to grow, both ourselves and our business.
The Security Solutions Architect serves as a security lead/visionary and will act as an expert in many areas of security, describing in business terms the impact of security policies, standards, technology standards and architecture on the business. This person will provide security direction to the program/project(s) based on the business requirements and focus areas.
The Security Solutions Architect must be able to interpret high level business requirements and communicate them to highly technical security engineers; conversely, they must also be able to articulate highly technical issues to a non-technical business audience.
The Security Solutions Architect is to provide minimum security requirements and to ensure that the delivered solution is fit for purpose and effective when transitioned in to service. The Security Solutions Architect will identify security services to be integrated into the overall solution and work with the security tower teams to ensure implementation of the services.
Providing a security service steer to the program, on security related matters.
Ownership and definition of the security scope/architecture for a variety of projects deployed globally
Drive security requirements, architectures, patterns and approaches via the company's processes.
Day to day engagement with development teams to advise and consult on security matters
Work closely with project teams, DevOps teams to ensure solution complies with baseline security requirements
Removing impediments for the successful delivery of the security related solutions
Provide technical security input as required by the security policy development team.
Coordination of technical design/review activities with various segments within the Security team.
Accountable for ensuring that key risks and issues are identified, addressed and resolved in a manner that satisfies the business.
Accountable for ensuring residual risk is captured and owners are identified and accept the risks.
Supervisory/Interpersonal- Experience Required
Strong communication (Written and Verbal), leadership and partnering skills.
Prepared to challenge the programme and IS colleagues and have the “difficult conversations” where needed in the interests of National Grid.
Able to demonstrate a high degree of credibility and influence senior stakeholders within the organization.
Bachelor's degree lor equivalent combination of education and experience in Information Security Qualifications such as: CISSP, CSSLP, CISM, SABSA, SANs, CCNA, CCNP
Strong background in security architecture frameworks such as Zachman/E2AF/TOGAF/SABSA
Appreciation of wider information security related principles, likely to be gained in industry or from a consultancy background.
Skilled in creating technology standards and experience with presenting security requirements and necessary security services to the security and/or enterprise governance boards for acceptance and approval.
Experience in cloud security solution, Azure hands on experience preferred
Knowledge of Cloud fundamentals - Design Patterns, Shared Security, Monitoring.
Experience with cloud-based security controls (secure web gateway, next gen firewall, cloud access security broker).
Background in defining security requirements across network, database, operating system and application.
Understanding of security testing process SAST/DAST/Vulnerability Assessments/DevSecOps pipeline/Pen testing etc.
Knowledge of security solutions such as IDS/IPS, secure remote access, firewalls, encryption, secure protocols, data protection, data loss prevention and identity management solutions.
Knowledge of data and information flows, information governance, network protocols.
Knowledge of security hardening techniques and policy development, particularly operating system hardening (e.g. Windows, UNIX, Oracle).
Experience in integration with a SIEM, or working within a system monitoring environment.
This position has a career path which provides for advancement opportunities within and across bands as you develop and evolve in the position; gaining experience, expertise and acquiring and applying technical skills. Internal candidates will be assessed and provided offers against the minimum qualifications of this role and their individual experience.
National Grid is an equal opportunity employer that values a broad diversity of talent, knowledge, experience and expertise. We foster a culture of inclusion that drives employee engagement to deliver superior performance to the communities we serve. National Grid is proud to be an affirmative action employer. We encourage minorities, women, individuals with disabilities and protected veterans to join the National Grid team.