Lead Security Architect

3169 Holcomb Bridge Rd, Jefferson Plaza
Norcross, Georgia, 30071
United States

WestRock (NYSE: WRK) partners with our customers to provide differentiated paper and packaging solutions that help them win in the marketplace. WestRock’s 45,000 team members support customers around the world from more than 300 operating and business locations spanning North America, South America, Europe, and Asia. Learn more at www.westrock.com .
Our technology organization is transforming how we work at WestRock. We align with our businesses to deliver innovative solutions that:
address specific business challenges, integrate processes, and create great experiences.

connect our work to shared goals that propel WestRock forward in the Digital Age.

imagine how technology can advance the way we work by using disruptive technology.

We are looking for forward thinking technologists that can accelerate our focus areas such as building stronger foundational technology capabilities, reducing complexity, employing digital transformation concepts, and leveraging disruptive technology.

The opportunity :
The WestRock Lead Security Architect is responsible for helping to drive deep technology conversations with WestRock business partners. This role will assist in analyzing technical solutions to ensure focus in areas such as security, integration, and application development. The role will help drive some of implementation and strategic opportunities issued by the office of Chief Information Security Officer.
This position will also have dotted line reporting responsibilities with multiple project managers and teams within Information Security and will coordinate within IT to ensure projects and programs are designed and architected with security included.

How you will impact WestRock:
Actively engage and lead strategic engagements with regards to both technical and business values.

Work closely with project teams to identify and mitigate security and privacy risks, fully understand business priorities and strategy, and

lead technical presentations with key stakeholders.

Actively contribute to the internal Cloud Architecture Review Board by participating in calls, publishing reference architectures, and creating decks and other reusable assets for technical topics.

Identify security trends and relate to current and future needs of project teams as well as security and privacy standards.

Translate business requirements into well-architected solutions.

Document technical solutions that are aligned with critical business objectives.

Lead the stand up of necessary system software, hardware, and equipment (physical or virtual) to meet changing infrastructure needs.

Leverage tooling and custom applications to monitor the operational status of applications, infrastructure, networks, databases, and security; optimizes and tune performance as appropriate.

Drive root cause analysis, debugging, support, and post-mortem analysis for security incidents and service interruptions.

Open and manage vendor problem to resolution.

What you need to succeed:
Experience as a system security administrator

Experience with best-practice and implementation frameworks for zero trust, SSO, MFA, adaptive and risk-based authentication, ephemeral credentials, secrets management, role/attribute/policy-based access controls, and cloud native identity and access solutions.

Experience implementing and integrating with enterprise-grade systems that are highly scalable, performant, reliable, and secure in global environments.

Experience with published standards, guidance, best practices, profiles, and frameworks related to IAM and cyber security and practical implementation in an enterprise (NIST, ISO, SANS CIS Critical Security Controls).

Experience with at least one of the major cloud providers (AWS, Azure, GCP), cloud-native architectures, data security and integration services.

Strong problem-solving skills.

Demonstrated ability to build relationships and establish key partnerships.

Strong oral and written communication skills.

Bachelor’s Degree in a related field of study, including any of the following but not limited to: Information Systems, Network Engineering, or Information Security.

7+ years of experience working in security architecture, operations, design, or development.

Strong experience across multiple security domains relative to Data Protection, IT RiskNetwork SecurityApplication SecuritySecurity Operations, and Identity and Access Management.

Working knowledge of encryption concepts and implementation methods.

Working knowledge of remote access technologies and implementation best practices.

Knowledge of security operations including change management, incident management, configuration management, and vulnerability management.

Ability to manage multiple engagements and prioritize workload.

Expert level understanding of identity management and lifecycle, privileged access, access governance, contextual access, authorization, authentication and next generation authentication signals, access delegation, directory services, and certificate lifecycle management.

Experience with identity standards and protocols including SAML, OAuth, OIDC, SCIM.

At least one relevant industry certification – CISSP, CISM, CISA, etc.

Knowledge of IT and security frameworks, such as NIST or CIS.

Experience with public cloud security architecture and solutions.

Experience with integrating security with agile development teams.

Experience with wireless security controls.

What we offer:
Corporate culture based on integrity, respect, accountability, and excellence.

Comprehensive training with numerous learning and development opportunities.

An attractive salary reflecting skills, competencies, and potential.

A career with a global packaging company where Sustainability, Safety and Inclusion are business drivers and foundational elements of the daily work.

More Information

Apply for this job

Leave your thoughts

Share this job