Cybersecurity Architect - Enterprise Technology - Houston, TX

Primary Purpose

The Cybersecurity Architect for Enterprise Technology is responsible for the design, development, and deployment of technical solutions that enable the security architecture strategy and protect the organization's data deployed across systems against malicious activity and technology breaches. This role works with IT, HR, Legal, and business departments to design security architecture to address business requirements; to define the security infrastructure for the design and integration of new and existing systems (hardware, software, connectivity, and messaging). This person works as an intermediary between the business and technical community to understand business requirements, define the security architecture required and support the development and engineering teams with implementation, to ensure operational security and compliance in all stages of design and development.

Duties and Responsibilities

• Value Delivery, Strategy, and Planning
  
  
  
  • Responsible for the design and development of high-complexity, enterprise-wide cybersecurity architecture projects.
  • Formulates cybersecurity architecture design and development principles.
  • Works with subject matter experts, core engineering and product teams to devise new and innovative solution constructs and consistently update against security trends.
  • Contributes as a subject matter expert by staying current on the latest cybersecurity architecture trends; anticipates technological and policy shifts and their potential impact on security tools and technologies.
  • Regularly reviews program performance against program objectives and wider business objectives, and provides redirection where necessary.
  • Routinely advises senior management on a range of security-related issues (e.g., assessing the severity of weaknesses and deficiencies in the system, plans of action and milestones, risk mitigation approaches, security alerts, and potential adverse effects of identified vulnerabilities),
  • Determines program and project budgets, considering their relative priority, urgency, importance and contribution to the business strategy.
  
  
  
  
• 
  

  Delivery & Execution

  
  
  
  
  • 
    

    Defines and executes organizational security technologies lifecycle management framework.

    
    
  • 
    

    Leads the design and implementation of comprehensive vulnerability management programs.

    
    
  • 
    

    Evaluates interoperability of multiple security design and development tools.

    
    
  • 
    

    Leads design, development and implementation of enterprise security management methodologies and risk monitoring processes and systems.

    
    
  • 
    

    Establishes principles, blueprints and standards for information security and privacy.

    
    
  • 
    

    Develops mechanisms to effectively evaluate and resolve challenges of complex cybersecurity architecture.

    
    
  • 
    

    Supports Engineers in researching, reviewing, and recommending new security controls based on capability and need.

    
    
  • 
    

    Directs the implementation of technical controls, such as anti-virus, anti-spyware, intrusion detection and prevention, firewalls with oversight to the technical security of the environment.

    
    
  • 
    

    Provides guidance on new security concerns (ransomware, nation-state infrastructure attacks, etc.) and upcoming control technologies.

    
    
  • 
    

    Identifies emerging technologies and tools to support security, leveraging security solution alternatives, driving business requirements, and incorporating of new technologies in roadmaps.

    
    
  • 
    

    Creates and maintains standards in conjunction with Compliance and Engine.

    
    
  
  
  
  
• 
  

  Leadership

  
  
  
  
  • 
    

    Works with cross-functional IT and enterprise teams to build alignment and model commitment to high performance as "one team" .

    
    
  • 
    

    Drives the relationship and communications to inspire stakeholders like future users or customers with ideas and exemplary solutions through strategic scenarios and proposals.

    
    
  • 
    

    Responsible for functional area of mentoring and collaboration. Provides direction, motivation, and strategy of the functional area.

    
    
  
  
  
  
• Performs other duties as assigned (no more than 5% of duties).

Required Qualifications

• Bachelor's degree in Computer Science, Information Technology, or equivalent relevant work experience.
• 6+ years of experience working in Information security, Cybersecurity, or related field in a medium to large-sized company.
• 5+ years experience defining, developing, and maintaining security architecture reference models, design patterns, segmentation models, and solution architectures, including identity management, encryption, authentication, access control, and logging controls or related function.
• Ability to secure systems and applications leveraging security frameworks, including NIST or CSA, as they align to architecture frameworks, including TOGAF, BOST, SABSA, or ZTA, in cloud and non-cloud environments.
• Ability to assess risk of conceptual system architecture designs and providing recommendations to mitigate risk through security architecture and engineering principles.
• Ability to collaborate with project teams effectively to design, implement, integrate cybersecurity requirements and technology solutions, and develop high quality implementation plans and roadmaps.
• Knowledge of zero trust architecture (ZTA) principles and concepts for a data-centric approach to fine-grained security controls between users, systems, data, and assets.
• Knowledge of technology integration processes.
• Knowledge of IT Security tools and functions, including IPS/IDS, Firewalls, Antivirus and Antimalware software, Vulnerability Scanning, Penetration Testing, and behavioral and network monitoring.
• Ability to translate strategic priorities into operational reality, demonstrating strong decision-making skills.
• Demonstrated skills in working across cross-functional teams spread across multiple locations, involving the full range of technology platforms and solutions, as well as vendor personnel.

Preferred Qualifications

• Master's Degree in a relevant field.
• Experience leading security within operational technologies.
• Professional certifications in Information Security (SSCP, CISSP, CISM, GIAC, EC-Council) and specific IS certifications (CISA, CRSIC or CISM).
• Bilingual in English and Spanish.

HYBRID: Work a combination of onsite and remote days each week, typically 4 days per week onsite.

Information Technology

Full-time

Note: The Company strives to ensure that employees are paid equitably and competitively. Starting salaries may vary based on factors such as relevant experience, qualifications, and education.

Sempra Infrastructure offers a competitive total rewards package that goes beyond base salary. This position is eligible for an annual performance-based incentive (bonus) as well as merit-based recognition. Company benefits include health and welfare (medical, dental, vision), employer contributions to retirement benefits, life insurance, paid time off, as well as other company offerings such as tuition reimbursement, paid parental leave, and employee assistance programs.

Houston Center of Excellence-TXHS

Pay Range Pay Range

The estimated pay range for this job. Disclosing pay information promotes competitive and equitable pay.

The actual pay rate will depend on the person's qualifications and experience.

$141,800.00 - $212,700.00 / year

In order to support the Fair Compensation Strategy by the US Govt., HR Dept., clients are required to adhere to "Pay Transparency Law"; in the impacted states; that have mandated the employers to list the salary ranges in Job advertisements or postings for job opportunities and Job promotions.