Sr. Cyber Security Cloud Architect at Kimberly-Clark Corporation in neenah, Wisconsin

Job Description:

Sr. Cyber Security Cloud Architect

Job Description

The Cloud Security Architect is a senior technical professional. As a security solution architect, you will own the end to end design of complex, integrated, enterprise security solutions and deep integrations at all levels. This is a key technical role (individual contributor) that will support a multi-functional team delivering solutions to many different business organizations. As an individual contributor, the Cloud Security Architect will be responsible to gather business and technical requirements from our internal customers and reconcile such with security requirements from various security architecture teams (from network to application layers) to design and secure but operationally viable security solution.

Key Responsibilities:

• Designs and develops security architectures for cloud- and cloud/hybrid-based systems across all types including Infrastructure, Platform and Software as a Service (IaaS/PaaS/SaaS).




• Designs and implements cloud-native architectures and designs (based on business requirements) that will allow those requirements to be met with a minimal degree of risk to the organization and with appropriate security controls present.




• Represents the security platform in development and implementation of the overall global enterprise cloud architecture while acting as the ambassador and senior technical representative for Enterprise Security, engaging with other senior technical leaders throughout the organization.




• Develops security standards while working in partnership with Engineering, Infrastructure Services and Application Development organizations to choose appropriate technology solutions, and facilitates complete integration into the company environments.




• Identifies, recommends, coordinates and delivers timely knowledge to support teams regarding security technologies, processes or tools.




• Partners with other leaders across the business to identify opportunities and risks and deliver solutions that support business strategies while protecting intellectual property globally.




• Develops and executes strategies to increase cloud security knowledge throughout the enterprise.




• Responsible for the end to end architecture for cloud security solutions involving multiple public cloud stacks (e.g. GCP, Azure) and large internal cloud platforms.




• Responsible for translating the functional design into the security architecture for the solution.




• Responsible for delivering the end to end security architecture and design artifacts.




• Works closely with the security and IT domain architects to ensure that platform specific solutions meet the needs of all functional, security requirements and architecture design.




• Works with business analysts and business owners to understand the requirements in order to design solutions.




• Shares best practices and lessons learned and continuously updates the technical security architecture based on changing technologies in collaboration with other domains security architects.




• Recommends and participates in the design and implementation of standards, tools, and methodologies.




• Manages Security Architecture Working Groups for the development and maintenance of the EA.




• Identifies opportunities to improve the effectiveness and efficiency of business applications.




• Assists with project level of effort estimations.




• Recommends and participates in ‘Proof of Concept’ meetings required to investigate technical possibilities to meet business needs.




• Develops security strategy and roadmaps to create technical solutions.




• Works with internal and external delivery teams.




• Works with multiple multi-functional teams to support releases of varying size, complexity, and duration.




• Evaluates developing requirements or areas such as Local area networks (LANs), wide area networks (WANs), Cloud Architectures, virtual private networks (VPNs), routers, firewalls, and related security and network devices for Architecture integration.




• Develops detailed technical security and compliance standards for technology components.




• Ensures operational reliability and support of IT services delivered to our patients, customers, and users are according to defined SLA metrics for confidentiality, integrity and availability from a design, architecture and integration perspective.




• Enables security and compliance by design to help mitigate threats while positioning for future expansion and business enablement.




• Provides architecture and roadmaps for incorporating infrastructure security devices, including IPS, SIEM, malware proxies, network and systems access controls, firewalls, authentication devices, enterprise monitoring systems, etc.




• Partners with Business representatives, Application Development, Engineering, Operations and Support, Security, Compliance, Corporate Strategy and other digital partners. Provide guidance and direction to the overall technical strategy and roadmap by aligning cost-effective and reusable solutions while advancing the usage of new emerging trends and technical capabilities.




• Partners with Business representatives, Application Development, Engineering, Operations and Support, Security, Compliance, Corporate Strategy and other digital partners. Provide guidance and direction to the overall technical strategy and roadmap by aligning cost-effective and reusable solutions while advancing the usage of new emerging trends and technical capabilities.




• Enables security and compliance by design to help mitigate threats while positioning for future expansion and business enablement.

Knowledge | Skills |Experience:

• Process models such as Agile, (SAFE, Scrum, etc.), spiral, DevOps, SecDevOps.




• (Plus) knowledge of secure coding practices, and secure application design across multiple platforms (ASP.NET, JEE, Node.js), languages (.NET, Java, JavaScript), and devices (PCs, tablets, smart phones).




• Familiarity with Software Configuration Management (SCM), Continuous Integration and Continuous Delivery (CI/CD) to leverage the latest native cloud services; automated delivery models (blue-green, canary, etc.), IDAM (Identity and Access Management) technologies; penetration testing techniques; enabling Security Information and Event Monitoring (SIEM) systems; IPD/IDS on large scale systems.




• Experience implementing and operating an enterprise-scale cloud, including service catalog and service enablement automation, DevOps automation frameworks, BCM and DR supported architecture.




• Experience in IT security architecture components, demonstrating solutions delivery; including network design, application delivery, remote access, cloud components (IaaS, SaaS, PaaS), security devices, data protection technologies, mobile device management, and others.




• Understanding of security and compliance domains for areas such HIPAA, PCI, FINRA, Privacy Regulations, NIST 800-53; Ensure appropriate visibility of critical business assets, including customer data e.g. PHI, PII and ensure appropriate security controls to enhance patient, customer, and user experience as well as maintain high levels of customer satisfaction and data security.




• Demonstrates that s/he has remained current on industry trends in cyber risk with industry standards and regulatory requirements (e.g., ISO27001/2, NIST cyber security framework, security best practices}. Teamwork, Planning, Roadmaps and Strategy




• Ability to use of architecture and roadmaps for incorporating infrastructure security devices, including IPS, SIEM, malware proxies, network and systems access controls, firewalls, authentication devices, enterprise monitoring systems, etc.




• Work collaboratively with information security team member and business stakeholders includes building solid, trust-based relationships with client stakeholders.




• Ability to look at un-integrated and emerging technologies for business enablement, security compliance is desired. For example, conceptualizing possible future functional and non-functional requirements into architecture platform technical strategy and detailed design to meet business objective




• Work collaboratively with information security team member and business stakeholders includes building solid, trust-based relationships with client stakeholders.




• Ability to look at un-integrated and emerging technologies for business enablement, security compliance is desired. For example, conceptualizing possible future functional and non-functional requirements into architecture platform technical strategy and detailed design to meet business objective




• Ability to communicate and work seamlessly in a global team.




• Experience architecting solutions within Amazon Web Services (AWS), Azure and GCP.




• Experience with the assessment, development, implementation, optimization and documentation of a comprehensive and broad set of security technologies and processes – secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), and network security) – within SaaS, IaaS, PaaS and other cloud environments




• A working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (e.g., OAuth and OpenID).




• Experience with service-oriented architecture for cloud-based services.




• Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies.




• Experience with enterprise applications (architecture, development, support and troubleshooting).




• Experience performing threat modeling and design reviews to assess security implications and requirements for the introduction of new technologies.




• Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical-risk decisions.




• Experience with enterprise architecture and working as part of a cross-functional team to implement solutions.




• Excellent interpersonal, written and verbal communication skills.




• Ability to work in a cross-functional team environment.




• Possesses a self-starter/self-motivated mindset.




• Technical writing experience.




• Organizational skills to manage multiple competing priorities and deadlines in a fast-paced working environment.




• Ability to accommodate ten percent work travel requirement.




• Understands the broad view of the organization’s business applications landscape.

Required Qualifications:

• A bachelor’s or advanced degree in Computer Science, engineering, information systems or a related discipline, or the equivalent combination of education and work experience.




• 10+ years of experience with security architecture and/or engineering.




• 5+ years of experience with cloud platforms, such as Amazon Web Services (AWS), Microsoft Azure and VMware NSX.




• 5+ years of experience in technology, preferably in support of application architectures (e.g. application platforms, languages, frameworks, integration and security).




• IT Security certifications required: CISSP, AWS Security Specialist (preferred)

Preferred Qualifications:

• Experience with deployment orchestration, automation and security configuration management (e.g., Jenkins, Puppet and/or Chef).




• Understanding and experience with security standards: NIST Cyber Security Framework, NIST SP800-53, COBIT, ISO27001.




• Understanding of the OWASP Top 10, and SANS Top 25/CWE 25.




• Ideally holds multiple security certifications such as CISSP, SSCP, Security +, CISM, CISA, CCSK, or equivalent. One or more cloud / cloud security certifications such as CCSP, ISSAP, Azure, AWS Certified Solutions Architect Process, Lifecycles and Approaches.

Kimberly-Clark and its well-known global brands are an indispensable part of life for people in more than 175 countries. Every day, 1.3 billion people - nearly a quarter of the world's population - trust K-C brands and the solutions they provide to enhance their health, hygiene, and well-being. With brands such as Kleenex, Scott, Huggies, Pull-Ups, Kotex, and Depend, Kimberly-Clark holds No.1 or No. 2 share positions in more than 80 countries. With more than 140 years of history of innovation, we believe in recruiting the best people and empowering them do their best work.  If fresh thinking and a passion to win inspire you, come Unleash Your Power at Kimberly-Clark. 

For Kimberly-Clark to grow and prosper, we must be an inclusive organization that applies the diverse experiences and passions of its team members to brands that make life better for people all around the world.  We actively seek to build a workforce that reflects the experiences of our consumers.  When you bring your original thinking to Kimberly-Clark, you fuel the continued success of our enterprise. We are a committed equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation, gender identity, age, pregnancy, genetic information, citizenship status, or any other characteristic protected by law.

The statements above are intended to describe the general nature and level of work performed by employees assigned to this classification. Statements are not intended to be construed as an exhaustive list of all duties, responsibilities and skills required for this position.

This position may require a post-offer/pre-hire Physical Abilities Test (PAT) to confirm that individuals are able to perform the essential functions of the job.

K-C requires that an employee have authorization to work in the country in which the role is based.  In the event an applicant does not have current work authorization, K-C will determine, in its sole discretion, whether to sponsor an individual for work authorization.  However, based on immigration requirements, not all roles are suitable for sponsorship. This position is subject to drug and alcohol testing, including pre-employment testing.

Global VISA and Relocation Specifications:

K-C will support in-country relocation for the chosen candidate for the role. The benefits provided will be per the terms of K-C’s applicable mobility policies. The benefits/policy provided will be decided in K-C’s sole discretion.

Primary Location

USA-WI-Neenah

Additional Locations

USA-GA-Atlanta-Roswell, USA-IL-Chicago, USA-TN-Knoxville, USA-TX-Dallas

Worker Type

Employee

Worker Sub-Type

Regular

Time Type

Full time

Apply Now