Cyber Security Architect

Cyber Security Architect role is responsible to drive Secure by Design strategy across Garrett. The role will enable security architecture solutions for IT Solutions deployed across Garrett IT and Manufacturing Plants IT landscape. The role will be responsible to drive reference architecture for a secure IT environment.

The role will drive Cyber Security Architecture reviews to evaluate Enterprise IT architecture identify Cyber Security risks & recommend mitigation approaches. Define and implement Cyber Security technology roadmap to integrate advanced technologies such as AI/ML Blockchain Quantum safe cryptography.

Define defence in depth approaches for all functional IT areas applications software development Dev-Ops networking end user computing cloud etc.

Key Job Areas of Responsibilities

2.1 Security Architecture Secure by Design & Zero Trust Architecture

• Drive a standardized Security Architecture governance program to advance consistent architecture practices for all critical IT applications & infrastructure including Cloud SaaS services such as AWS O365 Oracle HCM Onshape Rescale Salesforce etc
• Drive Secure by Design strategy to proactively build-in security practices across IT landscape including infrastructure & application architecture
• Drive Zero Trust architecture by ensuring right level of network segmentation & authentication approaches
• Enable the right integration of Cyber security requirements in new programs drive architecture reviews security architecture risk assessments; studying architecture/platform; identifying integration issues
• Define & drive Cyber security technology roadmaps to enable right level of threat detection and prevention capabilities for Garrett
• Continuous focus on Security technology roadmap enhancements to integrate advanced technologies such as AI/ML Blockchain Quantum safe cryptography
• Integrate best practices and strengthen cyber security systems by evaluating network and security technologies; developing security architecture requirements for networks (LAN/WANs/VPNs) routers firewalls and related security and network devices
• Design public key infrastructures (PKIs) including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards
• Responsible to define Cyber Security Technology stack to support overarching Cyber Security Strategy & mitigate emerging cyber security threats
• Responsible to define Cyber Security Reference Architecture for key use cases across all IT Strategic initiatives such as Data Lake eCommerce Parametric Design for Engineering Cloud Security DevOps Containerization project unique to organization line of business and functional teams
• Drive Cyber Advisories by analyzing the latest threats from industry and providing concise advisories to Garrett stakeholders
• Responsible to establish & deploy Security baseline configurations for datacenters IT and Plant WANs routers firewall and related network devices
• Define defense in depth approaches for all functional IT areas applications software development Dev-Ops networking end user computing cloud etc

2.2 Architecture Reviews & OEM Customer Interface

• Responsible to develop specific Cyber Security controls based on Automotive OEM customer requirements & drive implementation across IT & Manufacturing Plant OT environments
• Responsible for defining and implementing Cyber Security controls and technology required by customer to enable right level of protection for sensitive & confidential data
• Represent Garrett Cyber Security team with OEM Customers such as Daimler GM etc to develop confidence in Garretts Cyber Security practices and collaborate in securing customer data and adherence to the customer requirements for security controls
• Collaborate with stakeholders across Engineering ISC Common Functions Sales & Marketing Comms etc to define & implement Cyber Security architecture solutions to meet Customers Cyber Security requirements
• Collaborate with Enterprise Architecture team to advance Cyber Security Architecture priorities
• Review the security requirements draft Threat Modelling for the architecture document the Cyber Security requirements to mitigate the security risks with the system

2.3 Cloud Security Governance

• Global responsibility for defining & driving Cloud Security governance program to meet business requirements for all SaaS services and other cloud services such as AWS O365 Onshape Coupa HR services and other critical services hosted on the cloud for the organization
• Be a critical decision maker in selecting new cloud services by reviewing cloud security architecture before a new service is selected
• Responsible for Cyber Security architecture & design solutions for applications hosted in AWS
• Responsible to establish & deploy Cyber Security baseline configurations for AWS
• Collaborate with Enterprise Architecture to implement Cloud native Cyber security reference framework and knowledge repository
• Create layered core secondary and tertiary Cyber Security controls for implementing and executing cloud services

2.4 Secure Product Life Cycle

• Responsible for defining Secure product development life cycle & integration of security development practices into DevOps life cycle across IT & COV product development
• Be proactive in evaluating the industry trends on new technologies and methods to advance Cyber Security architecture and technologies
• Participate in the technical evaluation and testing of hardware and software for possible impact on systems security or for risk to intellectual property
• Establish & report Cyber Security Architecture KPI metrics
• Provide guidance to maintain up-to-date Security Policies and Procedures

Education / Qualifications

• Bachelors degree in Information Technology or related discipline

Experience Required

• 15 years of total experience & 10 years of relevant experience in Cyber Security Architecture areas
• Possess leadership skills to be able to directly and or indirectly influence the business functions to successfully implement security projects
• Demonstrated proficiency with the IT Security Common Body of Knowledge required for enabling security concepts on varied technology
• Good experience in implementing Zero Trust architecture Network segmentation & related authentication approaches
• Demonstrated experience in maintaining common IT security technologies such as firewall VPN PKI E-business and web technologies vulnerability & risk assessment intrusion detection event correlation DMZ Extranet etc
• Intermediate to advanced knowledge of routing switching and bridging in LAN/WAN multi-national environments
• Experience in Secure DevOps and container technology experience on Cloud Security and technologies
• Collaborate with Cloud Security Architecture for an integrated security governance program for the organization
• Strong understanding of Cyber Security concepts
• Experience with performing or reviewing enterprise risk assessments
• Experience with evaluating or writing security standards / baseline to meet compliance requirements
• Ability to work independently with limited supervision

Key Skills and Knowledge

• Expertise and demonstrated experience in architecting and deploying solutions serving operational and analytical needs from both an infrastructure (security controls Endpoint security Network Security Active Directory SIEM Data Protection Encryption etc.) and data (securing and managing access to conversion approaches archiving monitoring etc.)
• Experience in influencing customers and extended Project Teams
• Communicating effectively in writing as appropriate for the needs of the audience
• Good expertise in Security architecture methodologies such as threat modeling architecture reviews etc
• Abreast of both old and new security vulnerabilities and continually keep up to date on the latest security best practices and technologies
• Strong knowledge of cryptography as it relates to computer and network security as well as file and email encryption required
• Proficiency in performing architecture reviews and ranking risks
• Strong demonstrated project management skills
• A self-starter with limited supervision & able to work effectively in a global diverse environment
• Review the security requirements draft Threat Modelling
• Certifications like CISSP CCSP are desirable