Exelon Prin Cyber Security Architect in OAKBROOK TERRACE, Illinois
PRIMARY PURPOSE OF POSITION
The Principal Cyber Security Architect (PCSA) partners with IT and business teams to provide expert leadership to drive security technology and security reference architecture solutions by weighing the advantages of security technology standards, market availability of products, and risks and benefits of security technology introduction into Exelon’s computing environments. The PCSA provides comprehensive consultation to business units and IT management and staff at the highest technical level for all aspects of the security architecture domain. The PCSA develops and maintains business, systems, and IT/OT processes to support enterprise mission needs and requirements; translates technology and environmental conditions (e.g., law and regulation) into IT/OT rules and requirements that describe baseline and target security architectures. The PCSA designs enterprise and systems security throughout the development lifecycle; translates technology and environmental conditions (e.g., law and regulation) into security designs and processes. The PCSA operates independently with little or no direct supervision.
PRIMARY DUTIES AND ACCOUNTABILITIES
Provide technical and security expertise to IT and business teams to identify security technology solutions and develop security reference architectures and strategies to achieve business results. Ensure appropriate implementation of security technology and reference architectures within both the development and production environments. Analyze user needs and requirements to plan architecture.
Design and develop enterprise-wide security architecture and strategy for all aspects of the security domain in alignment with the business strategy and goals. Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements. Provide input on security requirements to be included in statements of work and other appropriate procurement documents.
Provide technical guidance and security expertise in the areas of secure application development, security architecture risk management and assessment, security policies and standards, security architectures and implementations.
Provide technology and security expertise and advice to IT leadership in the development of strategic security technology and plans to support business strategies. Translate proposed capabilities into technical requirements.
Establish, maintain, and enhance relationships with business and IT partners. Communicate status to key stakeholders on a regular basis.
Maintain awareness of trends and issues in area of security expertise, evaluate new security technologies or technology opportunities, and provide analysis of their potential impact to advantage the business.
Bachelor’s Degree in Computer Science, Information Technology (IT), or a related discipline, and typically 8 or more years of solid, diverse experience in cyber security architecture and design, or equivalent combination of education and work experience.
Appropriate technical skills and in-depth knowledge of business unit functions and applications, including:
Expert knowledge of authentication, authorization, and access control methods.
Expert knowledge of computer algorithms
Expert knowledge of encryption algorithms
Expert knowledge of cryptography and cryptographic key management concepts
Expert knowledge of database systems
Expert knowledge of embedded systems
Expert knowledge of system fault tolerance methodologies
Expert knowledge of how system components are installed, integrated, and optimized
Expert knowledge of human-computer interaction principle
Expert knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
Ability to design architectures and frameworks
Skill in applying cybersecurity methods, such as firewalls, demilitarized zones, and encryption
Expert knowledge of network access, identity, and access
Expert knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services
Expert knowledge of network design processes, to include understanding of security objectives, operational objectives, and tradeoffs
Expert knowledge of parallel and distributed computing concepts
Expert knowledge of key concepts in security management (e.g., Release Management, Patch Management).
Expert knowledge of configuration management techniques
Expert knowledge of cloud computing
Job Information Systems
Organization: BSC Information Technology
Title: Prin Cyber Security Architect
Location: IL-OAKBROOK TERRACE
Requisition ID: 211642