Hybrid Cybersecurity Architect - Enterprise Technology bei Sempra Infrastructure

Primary Purpose

The Cybersecurity Architect for Enterprise Technology is responsible for the design, development, and deployment of technical solutions that enable the security architecture strategy and protect the organization's data deployed across systems against malicious activity and technology breaches. This role works with IT, HR, Legal, and business departments to design security architecture to address business requirements; to define the security infrastructure for the design and integration of new and existing systems (hardware, software, connectivity, and messaging). This person works as an intermediary between the business and technical community to understand business requirements, define the security architecture required and support the development and engineering teams with implementation, to ensure operational security and compliance in all stages of design and development.

Duties and Responsibilities 

• Value Delivery, Strategy, and Planning 
  • Responsible for the design and development of high-complexity, enterprise-wide cybersecurity architecture projects.
  • Formulates cybersecurity architecture design and development principles.
  • Works with subject matter experts, core engineering and product teams to devise new and innovative solution constructs and consistently update against security trends.
  • Contributes as a subject matter expert by staying current on the latest cybersecurity architecture trends; anticipates technological and policy shifts and their potential impact on security tools and technologies.
  • Regularly reviews program performance against program objectives and wider business objectives, and provides redirection where necessary.
  • Routinely advises senior management on a range of security-related issues (e.g., assessing the severity of weaknesses and deficiencies in the system, plans of action and milestones, risk mitigation approaches, security alerts, and potential adverse effects of identified vulnerabilities),
  • Determines program and project budgets, considering their relative priority, urgency, importance and contribution to the business strategy.

• Delivery & Execution

  • Defines and executes organizational security technologies lifecycle management framework.

  • Leads the design and implementation of comprehensive vulnerability management programs.

  • Evaluates interoperability of multiple security design and development tools.

  • Leads design, development and implementation of enterprise security management methodologies and risk monitoring processes and systems.

  • Establishes principles, blueprints and standards for information security and privacy.

  • Develops mechanisms to effectively evaluate and resolve challenges of complex cybersecurity architecture.

  • Supports Engineers in researching, reviewing, and recommending new security controls based on capability and need. 

  • Directs the implementation of technical controls, such as anti-virus, anti-spyware, intrusion detection and prevention, firewalls with oversight to the technical security of the environment.

  • Provides guidance on new security concerns (ransomware, nation-state infrastructure attacks, etc.) and upcoming control technologies.

  • Identifies emerging technologies and tools to support security, leveraging security solution alternatives, driving business requirements, and incorporating of new technologies in roadmaps.

  • Creates and maintains standards in conjunction with Compliance and Engine.

• Leadership

  • Works with cross-functional IT and enterprise teams to build alignment and model commitment to high performance as “one team” .

  • Drives the relationship and communications to inspire stakeholders like future users or customers with ideas and exemplary solutions through strategic scenarios and proposals.

  • Responsible for functional area of mentoring and collaboration. Provides direction, motivation, and strategy of the functional area. 

• Performs other duties as assigned (no more than 5% of duties).