Enterprise Security and IAM Architect

Company: CPS Energy
Location: San Antonio
Posted on: November 1, 2024

Job Description:

We are engineers, high line workers, power plant managers, accountants, electricians, project coordinators, risk analysts, customer service operators, community representatives, safety and security specialists, communicators, human resources partners, information technology technicians and much, much more. We are 3,500 people committed to enhancing the lives of the communities we serve. Together, we are powering the growth and success of our community progress every day!Tasks and Responsibilities

• Responsible for enterprise security architectural design and planning in a hybrid cloud environment.
• Designing data-centric security architectures to ensure appropriate control over data use and protection.
• Responsible for the strategy and enablement of identity and security solutions that include DLP, Encryption, Key Management, Identity Management, Secure Data Transport, audit, event detection, CASB, Intrusion Prevention, Remote Access, Firewall and more.
• Understanding the Enterprise's Identity Management current requirements, future state and industry best practices to plan and implement Identity & Access Management (IAM) solutions.
• Responsible for architecting IAM in a hybrid cloud environment, user/service/device authentication & authorization, managing enterprise identities and entitlements.
• Architecting the security posture of enterprise Operational Technology (OT) environments to help ensure compliance with NERC and other regulatory bodies.
• Should have a solid understanding of general IT application structures, the supporting components to the network, and general overall wholistic IT functions, operations and general dataflows of the enterprise to enable planning and implementation of best practice security measures.
• Must be knowledgeable of past, present, and upcoming security technologies, standards, and best practices to properly plan and implement solutions in the most effective way.
• Develop enterprise security architectural patterns, approaches and design solutions, research new technologies and approaches.
• Plan on how security controls are used (CASB, CSMP, CNAPP, CWPP and so on) and how they are deployed.
• Create security standards and roadmaps, develop recommendations for migrating to future standards.
• Responsible for the security design, architecture and automation designs of on premise, wide area and Cloud solutions.
• Partner with vendors to select appropriate technical solutions.
• Collaborate with stakeholders to develop consensus, drive results, and execute projects across the organization on time and within budget.
• Manage several simultaneous initiatives from conception through implementation.
• Contribute to security standards and design patterns. Deliver solutions tailored to internal business requirements.
• Articulate design rationale, flexibly adapt solutions, and iterate designs when required.
• Provide 3rd level support and input as required to teams diagnosing reported issues, providing root cause analysis to management and the business teams.
• Work closely with Senior management, Architecture, Application managers and IT Security, BTE and operations teams.
• Enhances efficiency via automation when and wherever possible. Cross train other team members on projects, and network technologies.Minimum Knowledge and Abilities
  • Strong interpersonal skills essential and ability to handle competing priorities.
  • Experience in IT, with experience in system design.
  • Understanding of common information architecture frameworks and information modeling methods.
  • Knowledge of problem analysis, structured analysis and design, and statistical programming languages, and database query language (SQL and NO SQL based).
  • Familiarity with enterprise level business intelligence and data warehousing platforms.
  • Understanding of basic statistics, machine learning algorithms, multivariate calculus and linear algebra.Preferred Qualifications
    • Enterprise security architecture experience in a complex, multi-platform distributed environment.
    • Strong experience with On-Prem / Private, Public Cloud network, identity and application security services.
    • Experience and knowledge of security methods and solutions to support: DLP, Encryption, Key Management, Fine Grained Access Control, Audit Trail, Detection, CASB, Micro segmentation, Cybersecurity Mesh, Secure Access Service Edge (SASE) and others.
    • Knowledge of industry security standards and frameworks such as Payment Card Industry (PCI), HIPAA NIST, ISO 27001 and Cybersecurity Framework (CSF).
    • Familiar with principles of cloud security and solutions including native cloud provider security, Office 365 security and Cloud Security Posture Management (CPSM).
    • Specific experience securing Microsoft Azure hosted services.
    • Experience with Identity Management Solutions and leading products in the marketplace.
    • CISSP or equivalent technical certification will be beneficial.
    • Experience architecting and implementing network security & QoS technologies.
    • Able to develop opportunities, pitch and deliver security related projects.Required CertificationsBachelor's degree in computer science, information systems or a related study, or equivalent project-related technical experience.Physical DemandsIndoor work, operating computer, manual dexterity, talking, hearing, repetitive motion. Use of personal computing equipment, telephone, multi-functioning printer and calculator.Ability to travel to and from meetings, training sessions or other business related events.Exerting up to 10 pounds of force occasionally, and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.CPS Energy does not discriminate against applicants or employees. CPS Energy is committed to providing equal opportunity in all of its employment practices, including selection, hiring, promotion, transfers and compensation, to all qualified applicants and employees without regard to race, religion, color, sex, sexual orientation, gender identity, national origin, citizenship status, veteran status, pregnancy, age, disability, genetic information or any other protected status. CPS Energy will comply with all laws and regulations.
      #J-18808-Ljbffr

Keywords: CPS Energy, Round Rock , Enterprise Security and IAM Architect, Professions , San Antonio, Texas