Position Description Summary

S&C Electric Company is a global provider of equipment and services for the highly competitive electric power industry. We are seeking a Security Engineering Architect to join our high-performance and cross-functional organization, working under minimal supervision to support and influence change within S&C’s growing business environment across 19 offices in 6 different countries.

The Security Engineering Architect is part of the S&C Enterprise Cyber Security team, charged with protecting S&C business assets and information. This role provides subject matter expertise in designing and evolving the cybersecurity strategy to protect S&C’s mission and business processes across all aspects of the Information Technology and Operational Technology enterprise architecture. The Security Engineering Architect works collaboratively to design and implement a Zero Trust strategy and architecture, including security strategies for data, applications, access management, identity, and infrastructure. The Security Engineering Architect also evaluates Governance Risk Compliance (GRC) technical and security operations strategies, participates in the development of technical and security standards, develops comprehensive cyber security processes for security tools and provides support to the Cyber Security Operations team as needed.

The Security Engineering Architect continuously collaborates with leaders and practitioners in IT and OT security, privacy, and other roles across the organization to plan and implement a cybersecurity strategy that meets S&C’s business needs.

A candidate for this role should have advanced experience and knowledge in a wide range of security engineering areas including identity and access, platform protection, security operations, securing data and securing applications. They should also have experience with OT, hybrid, and cloud environments.

Position Responsibilities

• Provide cyber security architectural vision to address security trends and emerging threats to further enhance cyber security program.
• Coordinate, develop, and evaluate security programs for the organization.
• Collaborate with business units to identify and prioritize security strategies, project design and implementation to deliver improved security capabilities.
• Design, develop, and implement cyber security policies, standards, and processes.
• Lead cyber security engineering principles within standards, access-control methods, network patterns, and security hygiene methods.
• Oversee in technical design reviews, implementation, testing, and documentation work.
• Guide technology teams to develop cyber security-compliant build and change control processes.
• Oversee cyber security project teams to ensure successful implementation of engineering-delivered solutions.
• Responsible for the implementation and maintenance of cyber security tools as well as network and cloud-based security systems.
• Perform on-demand risk assessments at enterprise, business unit, technology, and application levels.
• Consult and participate in the technical integration design between systems.
• Responsible for integration of Cybersecurity solutions in support of business strategies.
• Responsible for cyber security solution lifecycle activities.
• Drive endpoint and system hardening methodologies and collaborate to remediate vulnerabilities.
• Oversee 3rd party risk and open-source software assessments and security vendor management.
• Participate in incident response program maintenance and incident response efforts as required.
• Participate in threat and vulnerability management to include scanning, remediation, and reporting.
• Participate in penetration testing efforts.
• Oversee ongoing activities and strategic planning efforts intended to address security trends and emerging threats, and to further enhance cyber security programs.
• Provide ongoing teaching and mentoring to other team members and business areas.

Qualifications and Education Requirements

• Bachelor's degree with a concentration in cyber security, computer science, information systems management, or other technology related field OR 5+ years of specialized experience.
• 10+ years’ experience working in a Cyber Security Engineering role or delivering cyber security technical projects.
• Must possess broad knowledge of IT and OT technology and systems architecture.
• Demonstratable experience of project management on cyber security projects.
• Deep understanding of Control Frameworks and Risk Management techniques.
• Broad experience with various network defense toolsets.
• Proficient in recognizing cyber threat exploitation patterns and mitigating factors.
• Strong investigative, root cause analysis, conflict resolution and negotiation skills.
• Proven problem solving, critical thinking and business risk analysis skills.
• Demonstrated ability to effectively communicate complex technical information and to others.
• Experience in cyber threat hunting.

Preferred Requirements

• Multiple certifications in Security/Networking including Security+, GSEC, GCIA, GCIH, CISSP, or other security-specific vendor/product certifications.
• Project Management Professional (PMP) certification.
• Supervisory experience in high-performance team setting.

Major Physical Demands

Physical demands are those normally associated with an office environment.

#LI-KD1

S&C is a global company providing equipment and services for electric power systems. Founded in 1911, the Chicago-based company designs and manufactures switching and protection products for electric power transmission and distribution. S&C’s Engineering teams design solutions for a portfolio of products for a wide range of customers including electric utilities and industrial/commercial power users. S&C offers broad opportunities for advancement, excellent education and training programs, a challenging work environment, and a strong package of pay and benefits.

The Human Energy of S&C has been built on the principles of integrity, enthusiasm, and sustained energy. These are the traits that S&C has always looked for and found when seeking people to join our 100% employee-owned team. S&C would not be where it is today without the diversity of our team members and business partners. We consider our diversity to be a core strength of our company, and we aspire to align our team-member demographics with the populations in which we live and work. To realize this vision, we seek to facilitate the career development of minorities, women and all team members through events hosted by our Inclusion, Diversity, Engagement and Awareness (I.D.E.A.) Group, Women’s Empowerment Group and other S&C affinity groups.