Date: May 2, 2022
Location: Crystal Lake, IL, US, 60014 Charleval, 27, FR, 27380 Chonburi, Chonburi , TH, 20000 Annecy, 74, FR, 74650 Guangzhou, GD, CN, 510700 Auburn, AL, US, 36832 Auburn, AL, US, 36832 San Giovanni Teatino, CH, IT, 66020 Suzhou, JS, CN, 215123 Radolfzell, BW, DE, 78315 Villepinte, 93, FR, 95944 Dortmund, NW, DE, 44319 Navi Mumbai, MH, IN, 400701 Paramus, NJ, US, 07652 Atlanta, GA, US, 30336 Orlando, FL, US, 32801 Cali, VAC, CO, 763537 Baltimore, MD, US, 21227 Louveciennes, 78, FR, 78431 Shibuya, Tokyo, JP, 150-0002 Camacari, BA, BR, 42849-000 Niederbronn-les-Bains, 67, FR, 67110 Torello, B, ES, 08570 Newport, Wales, GB, NP44 3XU Milano, Milan, IT, 20090 Villingen-Schwenningen, BW, DE, 78052 Mezzovico, TI, CH, 6805 Libertyville, IL, US, 60048 McHenry, IL, US, 60050 Le Vaudreuil, 27, FR, 27100 Weihai, SD, CN, 264204 Le Neubourg, 27, FR, 27110 Daqing, HL, CN, 166200 Tortuguitas, B, AR, 1667 Crystal Lake, IL, US, 60014 Ballinasloe, Ireland, IE Suresnes, FR, 92150 Madrid, ES, 28045 Hyderabad, TG, IN, 501401 Louveciennes, 78, FR, 78431 Radolfzell, BW, DE, 78315 Singapore, SG, 188778 Verneuil d’Avre et d’Iton, 27, FR, 27130 Dallas, TX, US, 75235 Lincolnton, NC, US, 28092 Cikarang – Bekasi, West Java, ID, 17530 Sant Cugat del Vallès, B, ES, 08173 Milton Keynes, ENG, GB, MK15 0DF Dallas, TX, US, 75235 Shanghai, CN, 200041 Alcalà de Henares, M, ES, 28806 Midland, MI, US, 48642 Menden, NW, DE, 58706 Martignat, 01, FR, 01100 US Poincy, 77, FR, 77470 Suzhou, JS, CN, 215123 Freyung, BY, DE, 94078 Trumbull, CT, US, 06611 Louveciennes, 78, FR, 78430 El Marques Queretaro, Querétaro, MX, 76246 Eigeltingen, BW, DE, 78253 Leeds, ENG, GB, LS27 0LL Groissiat, 01, FR, 01100 Annecy, 74, FR, 74650 Martignat, 01, FR, 01100 Elgin, IL, US, 60124 Milton Keynes, ENG, GB, MK15 0DF Ceske Budejovice, Jihocesky, CZ, 37001 Mukwonago, WI, US, 53149 Suzhou, JS, CN, 215123 Louveciennes, 78, FR, 78430 Oyonnax, 01, FR, 01100 Gibsonia, PA, US, 15044 Val de Reuil, 27, FR, 27100 Congers, NY, US, 10920 Berazategui, B, AR, B1893GOA Cambridge, MA, US, 02140 Manoppello Scalo, PE, IT, 65024 Ckyne, Jihocesky, CZ, 38481 Granville, 50, FR, 50407 Brecey, 50, FR, 50370 Maringa, PR, BR, 87065-090 Niederbronn-les-Bains, 67, FR, 67110 Sant Cugat del Vallès, B, ES, 08173 Dubai, Dubai, AE Villingen-Schwenningen, BW, DE, 78052 Freyung, BY, DE, 94078 Eatontown, NJ, US, 07724 Vladimir, RU, 600033 Cary, IL, US, 60013 Newport, Wales, GB, NP10 8FY El Segundo, CA, US, 90245 Cali, Bogotá D.C., CO, 760045 Jundiai, São Paulo, BR, 13213-173 Cajamar, São Paulo, BR, 07750-020 Amsterdam, NY, US, 12010 Cary, IL, US, 60013 Annecy, 74, FR, 74005 Suzhou, JS, CN, 215123 Congers, NY, US, 10920 Guangzhou, GD, CN, 510700 Ningbo, ZJ, CN, 315000
The Senior Security Architect plays an integral role in defining and assessing the organization’s security strategy, architecture, and practices. The Senior Security Architect will be responsible for delivering enterprise-class security solutions for Aptar through strong architecture and implementation experience across cybersecurity framework functions (Identify, Protect, Detect, and Respond) in support of Aptar’s on premise, cloud platforms and hybrid cloud environments.
The Senior Security Architect will be responsible for the following activities and functions:
Planning and Design Activities
- Develops and maintains a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers
- Develops security strategy plans and roadmaps based on security and enterprise architecture best practices
- Develops and maintains security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations
- Primary security architect role for the following domains:
- Network Security (protect the most critical assets while migrating traditional network security functions to cloud-based delivery)
- Cloud/IaaS Security (protect cloud-native application workloads, and ensure the correct and compliant configuration of cloud infrastructure)
- Vulnerability Management (develop capabilities to manage exposures to systems and assets across the environments that the business and IT operate)
- Security Operations (create optimized processes and functions, along with related governance structures and activities). The role also includes incident response planning and execution and oversees security incident response program development.
- Drafts security procedures and standards to be reviewed and approved by executive management and/or formally authorized by the Head of Cybersecurity
- Develops incident response plans and establishes a taxonomy of indicators of compromise (IOCs) and shares this detail with other security colleagues, including the security operations center (SOC), information security managers and analysts, as well as counterparts within the Aptar IS organization.
- Tracks developments and changes in the digital business and threat environments to ensure that they’re adequately addressed in security strategy plans and architecture artifacts
- Validates IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
- Validates security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems
- Conducts or facilitates threat modeling of services and applications that tie to the risk and data associated with the service or application to apply appropriate controls in their security domains.
- Ensures a complete, accurate and valid inventory of all systems, infrastructure and applications that should be logged by the security information and event management (SIEM) or log management tool
- Reviews network segmentation to ensure least privilege for network access
- Supports the testing and validation of internal security controls, as directed by the Head of Cybersecurity or the internal audit team
- Reviews their primary domain security technologies, tools and services, and makes recommendations to the broader security team for their use, based on security, financial and operational metrics
- Coordinates with operational and facility management teams to assess the security of operational technology (OT) and Internet of Things (IoT) systems.
- Liaises with other security architects and security practitioners to share best practices and insights
- Consults with other subject matter experts and functional groups within the Aptar IS organization on security related topics and needs.
A successful Security Architect candidate will have the expertise and skills described below.
Minimum requirement of a bachelor’s degree or technical equivalent degree.
The security architect is expected to contribute his or her insights to colleagues in the security team and the Head of Cybersecurity, as well as colleagues within internal audit, risk management and other line-of-business teams. To ensure that security-related matters are adequately conveyed, the following skills are required:
- Strategic planning skills — The security architect must interpret business, technology and threat drivers, and develop practical security roadmaps to deal with these drivers.
- Communication skills — The security architect will be required to translate complex security-related matters into business terms that are readily understood by colleagues. The security architect should anticipate presenting analyses in person and in written formats.
- Financial analysis — As part of the due diligence of security technologies, the security architect will be expected to evaluate the financial costs of recommended technologies. Specifically, the security architect will need to quantify purchasing and licensing options, estimate labor costs for a given service or technology, and estimate the total cost of operation (TCO), the ROI, or the payback period for services or technologies replacing existing capabilities.
- Project management — Security services and technology implementations will require solid project management skills. The security architect will be expected to draft project plans for security service and technology deployments and coordinate with stakeholders across the organization.
Knowledge and Skills
Security architects will be expected to demonstrate the following key behaviors and competencies as they fulfill the core responsibilities of their roles:
- Adaptability — Demonstrates flexibility within a variety of changing situations, while working with individuals and groups. Changes his or her own ideas or perceptions in response to changing circumstances. Alters standard procedures, when necessary and multitasks when required.
- Business Acumen — Demonstrates an awareness of internal and external dynamics, and an acute perception of the dimensions of business issues. Conducts research and identifies, collects and analyzes information about markets, economies, technology trends and business operation issues to make informed decisions. Develops approaches and solutions that are clearly linked to the organizational strategies and goals for optimal performance.
- Conceptual Thinking — Synthesizes facts, theories, trends, inferences and key issues and/or themes in complex and variable situations. Recognizes abstract patterns and relationships among apparently unrelated entities and situations. Applies appropriate concepts and theories in the development of principles, practices, techniques, tools and solutions.
- Openness to Learning — Takes personal responsibility for personal growth. Acquires strategies for gaining new knowledge, behaviors and skills. Builds on and applies existing knowledge. Engages in learning from others, inside and outside the organization. Tries new approaches and broadens the scope of work to learn from work assignments.
The security architect will evidence his/her knowledge of security and risk management through ongoing continuing professional education. The ideal candidate will maintain one or more of the following certifications, though they are not required:
- Check Point Certified Security Administrator (CCSA)
- Palo Alto Networks Certified Network Security Engineer (PCNSE)
- Cisco Certified Network Administrator (CCNA)
- SANS GIAC Security Essentials
- CompTIA Security+
- IaaS Cloud Security
Nearest Major Market: Chicago
- Address Crystal Lake, IL, USA
- Salary Offer $100.000 ~
- Experience Level Senior
- Total Years Experience 0-5