Black & Veatch
Cybersecurity Architect
The Cybersecurity Architect plays an integral role in defining and assessing the organization's security strategy, architecture and practices. The security architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.

Black & Veatch's Business Enablement consists of critical groups that help enable the organization's people, projects, and businesses to be as successful as possible. Functions in this group include Digital & Information Technology, Global Finance, Global Human Resources, Legal, Risk Management, and Government Affairs and Real Estate and Building Services.

Planning and Design Activities:
- Develops and maintains a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers
- Develops security strategy plans and roadmaps based on sound enterprise architecture practices for all environments, including cloud and on-premise infrastructure
- Develops and maintains security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations
- Determines baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation and identity and access management (IAM)
- Develops standards and practices for data encryption and tokenization in the organization, based on the organization's data classification criteria
- Drafts security procedures and standards to be reviewed and approved by executive management and/or formally authorized by the chief information security officer (CISO)
- Documents and addresses the organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle
- Performs security reviews, identifies gaps in security architecture, and develops a security risk management plan
- Stays up-to-date on the latest security technologies, trends, and best practices

Collaboration:
- Liaises with the vendor management (VM) team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data for third party providers
- Evaluates the statements of work (SOWs) for these providers to ensure that adequate security protections are in place
- Assesses the providers' audit reports for security-related deficiencies and required "user controls" and reports any findings to the CISO and vendor management teams
- Coordinates with operational and facility management teams to assess the security of operational technology (OT) and Internet of Things (IoT) systems
- Liaises with other security architects and security practitioners to share best practices and insights
- Liaises with the business continuity management (BCM) team to validate security practices for BCM testing and operations when a failover occurs
- Participates in application and infrastructure projects to provide security-planning advice
- Liaises with the internal audit (IA) team to review and evaluate the design and operational effectiveness of security-related controls
- Serves as the primary liaison between the enterprise architect and the systems security engineer and coordinates with system owners, common control providers, and system security officers on the allocation of security controls as system-specific, hybrid, or common controls

Management Responsibilities:
- Supervises work of others
- Responsible for hiring, discipline, and pay administration of their subordinates

Preferred Qualifications:
- Appropriate industry certification like ISC2's CISSP
- Direct, hands-on experience or strong working knowledge of managing security infrastructure, e.g., cloud, firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology
- Direct, hands-on experience or a strong working knowledge of vulnerability management tools
- Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services
- Experience securing the deployment of applications and infrastructure into public cloud services

Minimum Qualifications:
- Bachelor's or master's degree in computer science, information systems, cybersecurity or a related field
- 10+ years of relevant experience
- All applicants must be able to complete pre-employment onboarding requirements (if selected), which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations

Work Environment/Physical Demands:
- Typical office environment
- Hybrid or flexible work options may be offered after the first 90 days of employment based upon manager discretion, job performance and work assignments