This job posting isn't available in all website languages


Global Application Security Architect

Information Systems
167397 Requisition #
Apply for Job
Share this Job
Sign Up for Job Alerts
What you will do

The Information Security Operations Global Security Architect is a position reporting into the Global Information Security Architecture and Engineering Manager with responsibility of assisting in development of standards, architectural tollgates, assessments and designs. In this role you will be a key player and consultant in the development and implementation of global systems, with significant exposure to clients and interfaces within all levels of management and outside vendors. You will serve as the lead on security application specification and design activities working closely with the regional Global Infrastructure groups, Business Unit I/T delivery organizations, the Identity Management, and other GI Architecture members. Manages the technology life cycle and maintains a life cycle matrix identifying current standards and future technology directions. Research, Validation and Evaluation of Identity management products to assist in defining strategy and deployment planning.
You will be responsible for maintaining a close working relationship with the Service Strategy, other GI/ IT organizations and business unit representatives in order to understand their requirements and technology needs. You will build a business relationship based on trust and earn the respect and confidence of the BU’s and regional I/T organizations.
You will maintain an understanding of key Business Unit initiatives to provide effective consulting services, both solicited and unsolicited.
You will ensure compliance with established architecture direction and standards. Work with Service Management and stakeholders to collect functional requirements and ensure the most effective solution is used. Work with Connectivity Platform Strategy and Engineering to understand current operational metrics, challenges and problems to adjust the architecture design accordingly. Develop and maintains a close relationship with key vendors, suppliers and service partners. Maintain an understanding of relevant industry standards and directions to ensure key vendors, suppliers and service partners development plans include support for same.

How you will do it

The responsibilities of the Global Security Application Architect include, but are not limited to:

• Acts as a senior level mentor to application development and support personnel for any/all issues regarding the design or use of security systems. This includes Enterprise Operational staff and Business Unit personnel.
• Stays current on all enterprise and regional application development and implementation projects to maintain global standards and provide global continuity among regional development and support personnel.
• Produces service level metrics consistent with current business requirements and defines the parameters and attributes to be monitored by Enterprise Operations tools.
• Acts as liaison between Company and managed vendors to provide information on future projects, business requirements and technical concerns on initiated projects.
• Stays abreast of current and evolving technologies in the application security area.
• Manage and facilitate the design and implementation of secure applications in support of Enterprise and Business Unit applications.
• Participates in or leads the design and implementation and reserves final approval of all interfaces.
• Establishes security related standards, Define technology roadmaps, support requirements and management infrastructure.
• Implement software security architecture for client facing products
• Implement and support a program for the introduction of the SDLC across all software. This includes identifying the key elements of the SDLC, definition of a maturity model, prioritization of introduction of elements of the practices, creation of training programs, etc.
• Partner with IT and Risk Management to develop a comprehensive set of cyber-security policies and procedures governing hosted and SaaS environments.
• Partner with IT and Risk Management to identify and obtain appropriate third party secure and risk certifications.
• Establish repeatable, effective methodology for addressing security related customer inquiries whether direct or via RFP.
• Develops enterprise level strategic plans and identifies key success factors; sets priorities and allocates the resources to achieve unit, division and corporate goals.
• Defines, prioritizes, schedules and monitors multiple enterprise level technical projects, developing and maintaining comprehensive project plans/schedules (and uses same to provide senior management with accurate and complete status information).
• Manages Global scope of security assessments
• Adheres to all current Changes and Problem management policies and procedures.
• Follow the Architecture analysis process, which consists on Research, Validation and Evaluation of all new initiatives, with phase gates reviews presented to all stakeholders during the process.
• Ensures that third party solutions follow all Johnson Controls standards.
• Acts as an internal consultant to BU’s and Infrastructure I/T.
• Provides management with accurate and complete status information.
• Assist in network IPS design to include documentation, coordination with networking resources and applicable vendor.

What we look for

The successful candidate will be a passionate information security professional with the ability to communicate to different business and IT leaders. The candidate will be able to execute the Information Security inventory management strategy defined by leaders. The candidate will demonstrate drive, intelligence, maturity, and energy and will be a proven team leader and security strategist.
• A minimum bachelor’s degree in computer engineering, computer security or computer science discipline.
• 7+ years of information security related experience working with teams in security operations, incident analysis, developing applications, and security applications.
• Familiarity with network security methodologies, tactics, techniques and procedures.
• Experience with Intrusion Detection Systems (IDS)/ Intrusion Protection Systems (IPS), SIEM and other network defense security tools.
• Ability to read IDS signatures.
• Understanding of network packet capture and ability to review.
• Experience performing security/vulnerability reviews of network environments.
• Knowledge of network security architecture, understanding of the TCP/IP protocol, and remote access security techniques/products.
• Experience with enterprise anti-virus/malware solutions, virus outbreak management, and the ability to differentiate virus activity from directed attack patterns.
• Candidate must be able to react quickly, decisively, and deliberately in high stress situations.
• Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, to technical and non-technical audiences at different seniority levels and interact with customers.
• Highly motivated individual with the ability to self-start, prioritize, multi-task and work in a global team setting.
• Ability to create and maintain good business relationships with counter parts, customers and external entities to achieve the security operations management goals
• Ability to maintain a high level of discretion and personal integrity in the exercise of duties, including the ability to professionally address confidential matters
• Experience with open source and commercial security management tools
• Experience in the definition and implementation of strategic information security plans
• Moderate knowledge of regulatory compliance requirements (PCI-DSS, HIPAA, FISMA, SOX)
• Moderate knowledge in National Institute of Standards and Technology (NIST) as they apply to FISMA

Desired Certifications (but not required):

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)
• Certified Ethical Hacker (CEH)
• Cisco Certified Network Associate Security (CCNA Security)
• Cisco Certified Network Associate (CCNA)
• Cisco Certified Network Professional Security (CCNP Security)
• Cisco Certified Network Professional (CCNP)
• Server Platform Certifications (Microsoft, Linux)

Previous Job Searches

My Profile

Create and manage profiles for future opportunities.

Go to Profile

My Submissions

Track your opportunities.

My Submissions

Similar Listings

Ireland, Ireland, Cork

📁 Information Systems

Requisition #: 165642

Ireland, Ireland, Cork

📁 Information Systems

Requisition #: 164431

View All Jobs