CYBER SECURITY ARCHITECT

Company Generac Power Systems

Name Cyber Security Architect

Req # 59212

Location Waukesha CORP

Employment Type Full Time

Shift 1st

At Generac, Our People help make the world safer, brighter and more productive. United by our Values, people with diverse backgrounds and points of view work together to ensure our global customers have peace of mind.
We are a team of builders and doers who share a passion for innovation and a desire to outpace others. As an inclusive workplace, we empower our employees to embrace diversity in all forms, celebrate our differences, and treat everyone with equity and respect. At Generac, our success is powered by Our People.
Generac has not only seen success as a company but we have compassion for communities where we live and work. We are the #1 company in storm response, throughout the company’s history, we have remained passionate about helping those in need, both in our day-to-day roles and in our efforts to give back. This commitment is our responsibility, pride and passion
The Cybersecurity Architect is responsible for planning, designing, testing, implementing, and maintaining Generac’s computer and network security infrastructure. This role is also responsible for the management of security and data privacy risk across the full lifecycle of our products, platforms, and service offerings. It requires expertise in secure software development practices to ensure security and privacy by design requirements are fulfilled and that products are released to market with strong cybersecurity as a core feature. In this role, you will play a pivotal role in managing cybersecurity risk, differentiating Generac, and enabling business success.

Essential Duties and Responsibilities:

  • Plan, design, test, implement, and maintain Generac’s computer and network security infrastructure by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices–work collaboratively with the Network team to review and approve installation of these technologies
  • Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates
  • Identify cybersecurity opportunities that enhance our security posture and improve the customer experience
  • Develop and maintain a regular security testing strategy by monitoring and testing security mechanisms and systems to ensure they behave as expected and comply with standards, policies, and procedures
  • Conduct risk assessments, test for vulnerabilities, perform security evaluations
  • Coordinate and manage penetrations testing and perform health checks
  • Assist coordination of third-party penetration testing vendor engagements with product teams
  • Design security architecture elements to mitigate threats as they emerge
  • Application Security — work closely with organizational Project Managers and System Design architects to plan, research and design reliable, powerful, and flexible security architectures and requirements for all IT projects and confirm their integration within the appropriate phases of the Systems Development Life Cycle (SDLC)
  • Drive policy compliance and high quality for secure SDLC activities – security requirements, security architectures, threat and attack models, supply chain security, code reviews, AST, SAST, DAST, IAST, penetration testing, and security hardening
  • Review product architectures for security design gaps and vulnerabilities and consult with appropriate teams to remediate or mitigate cyber risk
  • Oversee, manage, and provide reporting and metrics from Firewalls, Anti-VirusMalware, Intrusion Detection / Prevention (IDS/IPS), Domain Name Services (DNS), Vulnerability scanners, and other security solutions that comprise the Security Architecture of Generac.
  • Periodically assess security policies, standards, and metrics to drive improvements that help Generac adapt to evolving regulatory, customer, and threat environments.
  • Drive efforts to advance innovative security features, capabilities, and practices.
  • Devise an overarching security strategy and help develop and maintain a continuing 3-year Cybersecurity Roadmap that aligns with the overall business and technology strategy
  • Determine security requirements by evaluating business strategies and gathering requirements
  • Design, develop, implement, and manage SaaS Review Process
  • Assist in management of Security Exception Process
  • Assist with day-to-day CyberSecurity responsibilities including managing the spam@generac.com mailbox, conducting phishing campaigns, and collecting cybersecurity metrics
  • Mitigate damages during a cyber-attack and respond to threats quickly
  • Promptly respond to all security-related incidents and provide thorough post-event analyses
  • Research, design, install, and maintain public key infrastructures (PKIs), certification authorities (CA), and digital signatures as well as hardware and software; adhering to industry standards and ensuring all personnel have IT access limited to their need and role in the organization
  • Enhance department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.
  • Support company response to customer audits and inquiries pertaining to product security.
  • Support internal audits and assessments to identify risks and determine mitigation actions.
  • Support product security committees, boards, councils and working groups.
Minimum Qualifications:
  • Bachelor’s degree or equivalent experience
  • 7 years working in Information Technologies
  • 3 years working with network protocols (TCP, UDP, DNS, FTP, SMTP, DHCP, etc.)
  • 3 years working with Cybersecurity Methodologies & Technologies
  • 3 years experience in information security and IT risk management with a focus on security, performance, and reliability
Preferred Qualifications: 
  • Experience in manufacturing environment
  • Global experience in information security and IT risk assessment, with a strong understanding of security protocols, authentication, and security
  • CISSP, CCSP, OSCP, CEH or related cybersecurity certifications
  • Strong experience with AWS services and cloud security controls and preferably hands-on experience with Azure and GCP
Knowledge, Skills, and Abilities: 
  • The ability to think like a malicious hacker to anticipate and defend one’s organization against information security risks
  • Outstanding communication skills; strong critical thinking and analytical skills and the ability to work collaboratively and communicate effectively with key stakeholders
  • The experience and technical expertise to build security infrastructure from scratch or update existing systems in response to ongoing changes in the security landscape, including new risks and adherence to applicable regulations
  • Strong leadership, project and team-building skills, including the ability to lead teams and drive initiatives in multiple departments
  • Demonstrated ability to identify risks associated with business processes, operations, technology projects and information security programs
  • Ability to function as an enterprise security subject matter expert who can explain complex topics to those without a technical background
  • Collaborate with the business and support teams to incorporate strong security controls, apply security best practices in our development life cycle, and mitigate security vulnerabilities.
  • Knowledge of Windows, UNIX, and Linux
  • Experience with the various aspects of wireless security such as routers, switches, and VLAN security
  • Knowledge of security concepts related to DNS, including routing, authentication, VPN, proxy services, and DDOS mitigation technology
  • Technical and operational excellence, thought leadership, and integrative thinking.
  • Expert knowledge and practical product and software security experience, including secure SDLC practices, security and privacy by design architectures, and secure by default configurations.
  • Strong problem-solving skills to analyze cybersecurity issues and requirements (legal/regulatory, policy, customer, industry standards) and relate them to appropriate security controls.
  • Experience supporting software security governance and compliance activities, i.e. metrics, assessments, audits, exercises, risk frameworks, and maturity models
  • Experience with Microsoft Azure, Zscaler and Identify Access Management (IAM) systems and familiarity with technology risk management related frameworks such as NIST, SANS, ISO, ITIL and GDPR
  • Solid understanding of security protocols, cryptography, authentication, authorization, and security
  • Experience implementing multi-factor authentication, single sign-on, identity management or related technologies
  • Ability to interact with a broad cross-section of personnel to explain and enforce security measures
  • A strong working knowledge of current IT risks and experience implementing security solutions
  • A grasp of perimeter security controls such as firewalls, IDS/IPS, network access controls, and network segmentation
  • Experience with the various aspects of wireless security such as routers, switches, and VLAN security
  • Knowledge of security concepts related to DNS, including routing, authentication, VPN, proxy services, and DDOS mitigation technology
  • An understanding of third-party auditing and cloud risk assessment methodology
  • Superior interpersonal, organizational, written/verbal communication, and presentation skills
  • Ability to build trust with stakeholders and explain complex security topics to all audiences
  • Thorough understanding of what it takes to build and operate secure systems at scale
  • Passion for building secure, reliable, and scalable services in collaboration with multiple teams
  • Excellence at creating clarity and alignment for technical initiatives
Physical Demands: While performing the duties of this job, the employee is regularly required to talk and hear; and use hands to manipulate objects or controls. The employee is regularly required to stand and walk. On occasion the incumbent may be required to stoop, bend or reach above the shoulders. The employee must occasionally lift up to 25 pounds. Specific conditions of this job are typical of frequent and continuous computer-based work requiring periods of sitting; close vision and ability to adjust focus. Occasional travel.
Great Reasons to work for Generac: 
  • Competitive Benefits: Health, Dental, Vision, 401k and many more
  • State-of-the-art facility with an onsite gym, walking trails, café, free parking and many employee activities
  • Scheduled events throughout the year that allow our employees, both current and retirees, to gather together and enjoy their time with their families and co-workers
  • Enjoy summer hours (Memorial Day – Labor Day)
  • Pride! When a storm strikes, Generac employees always rise to the occasion. Each time a storm hits many employees volunteer their time with the customer support team or on the production line while others go right into storm-affected areas to repair generators
  • We believe in having fun. From minor celebrations to major events, our employees balance their work by building a strong culture of teamwork and collaboration through a variety of occasions, including our Fun Days.
  • Every day is Jeans Day! Dress for your day.
  • Product loan and discount programs
“We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.”

More Information

Apply for this job

Leave your thoughts