South Dakota Staffing
Senior Information Security Architect
South Dakota Staffing, Rapid City, South Dakota, United States, 57700
Senior Information Security Architect
Location: Rapid City, SD, United States Reporting Relationship: Senior Manager Cybersecurity Relocation Assistance: Relocation assistance is available based on individual circumstances! Details to be shared during the offer process. Essential Functions:
Manage the development, documentation, implementation, and communication of enterprise-wide information security strategies, cybersecurity capabilities, practices, and policies. Lead and/or manage multi-disciplinary team reviews of existing architecture, identify design gaps, and recommend security enhancements. Lead and/or manage multi-disciplinary team reviews of new products, business applications, and/or vendors to identify security design gaps. Conduct individual, independent security reviews of vendor proposals, review security architectures and recommend modifications. Serve as information security subject matter expert, trusted advisor/inside consultant; provide advisory and consulting services as needed. Collaborate cross-functionally with IT, engineering, compliance, and business stakeholders to integrate security into enterprise initiatives and technology roadmaps. Understand current as well as emerging security threats and design security architecture to mitigate threats where possible. Stay current with emerging technologies, threat landscapes, and industry trends to proactively guide security investments and innovation. Assist multi-disciplinary incident response team in response to current or potential threats, incidents. Lead and/or participate in security risk assessments using NIST based risk methodology. Prepare specific security status reports by developing, collecting, analyzing, and summarizing security related data and trends. Present specific security status reports to various levels of management, including Senior Management Team. Identify and develop regular and emergency security-related communications as needed. Actively promote security and risk related campaigns for information security awareness among all staff. Maintain an operational understanding of existing and proposed security standards as well as State and Federal legislation and regulations pertaining to information security. Conduct risk assessments, threat modeling, and gap analyses to identify vulnerabilities and recommend effective mitigation strategies. Additional Responsibilities:
Identify, track and report information security metrics on a monthly basis. Design and provide metrics reports for various audiences including IT staff, IT leadership, Senior Management and the Board of Directors. Acts as information security liaison with all levels of the IT organization and with the lines of business and other internal departments and organizations. Participate as part of the contract review team for those contracts with IT or IT security implications. Make recommendations for standard contract language related to security functions and/or requirements. What Is Required:
Bachelor's Degree Minimum of Bachelor's Degree in Information Technology, Computer Science, Information Assurance or related technical field Minimum of 5 years of Information Security experience Minimum of 5 years of experience in a Security Analyst, Security Engineer or Security Architect role Current management or technical level Information Security certification (CISSP, CISM, CRISK, GIAC) etc Strong understanding of network architecture, firewalls, Intrusion Detection Systems, web filtering, audit and log management, physical security control systems, real-time systems, and common operating systems. Strong understanding of emerging technologies in IT such as a Cloud Platform, Internet of Things and Mobile BYOD as well as the associated security risks. Solid working knowledge of common information technology management and security frameworks, such as ISO/IEC 27001, OWASP, SANS, ITIL, COBIT, and NIST. Strong knowledge cyber security theory and practice as promoted by numerous security standards and certification entities. Strong understanding of advanced technical security topics such as Security Essentials; Ethical hacking; Auditing and monitoring networks, systems, and users; forensics, malware analysis; and security incident response. Experience with various Information Security technologies, including: firewalls, IDS/IPS products, vulnerability assessment and management products, Windows operating systems, UNIX/Linux operating systems, networks (routing, switching, design, etc.), scripting/programming (shell, Perl, C, etc.) Excellent organizational skills with attention to details, accuracy and timeliness. Good presentation skills and able to conduct user training for all security applications. Work effectively with security integrators, vendors, software manufacturers and application users to program, maintain and improve support for all security systems. Handle confidential and proprietary information with discretion. Able to work independently, handle multiple projects simultaneously, lead a varied team in a variety of security related work functions and the ability to adapt to critical timelines. This role will be required to travel up to 10% of the time. What Is Desired:
Experience in a converged cyber and Physical Security department Experience in business/industry (beyond IT), and experience in business beyond the electric and gas utility space Experience managing cross-functional teams or projects, and influencing senior-level management and key stakeholders ITIL, PMI Knowledge of physical security controls and concepts desired Project Management fundamentals desired. Ability to lead and mentor coworkers in security and job-related functions. About our Company: We are a customer, growth and safety focused utility company that is dedicated to our communities. We improve life with energy as an energy partner of choice. Our diverse culture fuels unique perspectives, opening doors to new insights and possibilities. Based in Rapid City, South Dakota, we have over 3000 employees and serve 1.3 million natural gas and electric utility customers across eight states (South Dakota, Montana, Wyoming, Colorado, Nebraska, Iowa, Kansas, and Arkansas). Enjoy our Comprehensive Benefits Package! Annual discretionary bonuses, 401(k) (6% company match and up to 9% company retirement contribution), tuition reimbursement, generous paid time off benefits, including paid holidays and parental leave, company paid life insurance and disability benefits (short and long term), an employee assistance program and well-being benefits, and competitive medical, dental and vision insurance. Candidates must successfully pass a pre-employment drug screen and background check. If there is anything that may show up in these reports that may conflict with the position requirements, feel free to contact the Black Hills Energy recruiting team at jobs@blackhillscorp.com. Black Hills Energy does not sponsor applicants for work visas. All applicants must be legally authorized to work in the US. We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or status as a protected veteran. If you require reasonable accommodation, please visit careers.blackhillsenergy.com for more information. Wage: $103,150 - $170,200
Location: Rapid City, SD, United States Reporting Relationship: Senior Manager Cybersecurity Relocation Assistance: Relocation assistance is available based on individual circumstances! Details to be shared during the offer process. Essential Functions:
Manage the development, documentation, implementation, and communication of enterprise-wide information security strategies, cybersecurity capabilities, practices, and policies. Lead and/or manage multi-disciplinary team reviews of existing architecture, identify design gaps, and recommend security enhancements. Lead and/or manage multi-disciplinary team reviews of new products, business applications, and/or vendors to identify security design gaps. Conduct individual, independent security reviews of vendor proposals, review security architectures and recommend modifications. Serve as information security subject matter expert, trusted advisor/inside consultant; provide advisory and consulting services as needed. Collaborate cross-functionally with IT, engineering, compliance, and business stakeholders to integrate security into enterprise initiatives and technology roadmaps. Understand current as well as emerging security threats and design security architecture to mitigate threats where possible. Stay current with emerging technologies, threat landscapes, and industry trends to proactively guide security investments and innovation. Assist multi-disciplinary incident response team in response to current or potential threats, incidents. Lead and/or participate in security risk assessments using NIST based risk methodology. Prepare specific security status reports by developing, collecting, analyzing, and summarizing security related data and trends. Present specific security status reports to various levels of management, including Senior Management Team. Identify and develop regular and emergency security-related communications as needed. Actively promote security and risk related campaigns for information security awareness among all staff. Maintain an operational understanding of existing and proposed security standards as well as State and Federal legislation and regulations pertaining to information security. Conduct risk assessments, threat modeling, and gap analyses to identify vulnerabilities and recommend effective mitigation strategies. Additional Responsibilities:
Identify, track and report information security metrics on a monthly basis. Design and provide metrics reports for various audiences including IT staff, IT leadership, Senior Management and the Board of Directors. Acts as information security liaison with all levels of the IT organization and with the lines of business and other internal departments and organizations. Participate as part of the contract review team for those contracts with IT or IT security implications. Make recommendations for standard contract language related to security functions and/or requirements. What Is Required:
Bachelor's Degree Minimum of Bachelor's Degree in Information Technology, Computer Science, Information Assurance or related technical field Minimum of 5 years of Information Security experience Minimum of 5 years of experience in a Security Analyst, Security Engineer or Security Architect role Current management or technical level Information Security certification (CISSP, CISM, CRISK, GIAC) etc Strong understanding of network architecture, firewalls, Intrusion Detection Systems, web filtering, audit and log management, physical security control systems, real-time systems, and common operating systems. Strong understanding of emerging technologies in IT such as a Cloud Platform, Internet of Things and Mobile BYOD as well as the associated security risks. Solid working knowledge of common information technology management and security frameworks, such as ISO/IEC 27001, OWASP, SANS, ITIL, COBIT, and NIST. Strong knowledge cyber security theory and practice as promoted by numerous security standards and certification entities. Strong understanding of advanced technical security topics such as Security Essentials; Ethical hacking; Auditing and monitoring networks, systems, and users; forensics, malware analysis; and security incident response. Experience with various Information Security technologies, including: firewalls, IDS/IPS products, vulnerability assessment and management products, Windows operating systems, UNIX/Linux operating systems, networks (routing, switching, design, etc.), scripting/programming (shell, Perl, C, etc.) Excellent organizational skills with attention to details, accuracy and timeliness. Good presentation skills and able to conduct user training for all security applications. Work effectively with security integrators, vendors, software manufacturers and application users to program, maintain and improve support for all security systems. Handle confidential and proprietary information with discretion. Able to work independently, handle multiple projects simultaneously, lead a varied team in a variety of security related work functions and the ability to adapt to critical timelines. This role will be required to travel up to 10% of the time. What Is Desired:
Experience in a converged cyber and Physical Security department Experience in business/industry (beyond IT), and experience in business beyond the electric and gas utility space Experience managing cross-functional teams or projects, and influencing senior-level management and key stakeholders ITIL, PMI Knowledge of physical security controls and concepts desired Project Management fundamentals desired. Ability to lead and mentor coworkers in security and job-related functions. About our Company: We are a customer, growth and safety focused utility company that is dedicated to our communities. We improve life with energy as an energy partner of choice. Our diverse culture fuels unique perspectives, opening doors to new insights and possibilities. Based in Rapid City, South Dakota, we have over 3000 employees and serve 1.3 million natural gas and electric utility customers across eight states (South Dakota, Montana, Wyoming, Colorado, Nebraska, Iowa, Kansas, and Arkansas). Enjoy our Comprehensive Benefits Package! Annual discretionary bonuses, 401(k) (6% company match and up to 9% company retirement contribution), tuition reimbursement, generous paid time off benefits, including paid holidays and parental leave, company paid life insurance and disability benefits (short and long term), an employee assistance program and well-being benefits, and competitive medical, dental and vision insurance. Candidates must successfully pass a pre-employment drug screen and background check. If there is anything that may show up in these reports that may conflict with the position requirements, feel free to contact the Black Hills Energy recruiting team at jobs@blackhillscorp.com. Black Hills Energy does not sponsor applicants for work visas. All applicants must be legally authorized to work in the US. We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or status as a protected veteran. If you require reasonable accommodation, please visit careers.blackhillsenergy.com for more information. Wage: $103,150 - $170,200