Cyber Security Architect - (Job Number: 21000604) at Arconic in Pittsburgh, Pennsylvania

Job Description:

Arconic is seeking a Cyber Security Architect to join our Corporate Global Cyber Security Team supporting enterprise solutions. This is a highly visible role reporting to the Chief Information Security Officer and is located in Pittsburgh, PA. The successful candidate will have a bias for action, with the ability to work hands on, and have a history of driving initiatives across global matrixed organizations. If you have a history of success in this space and want to join a growing essential business, we encourage you to apply!

Arconic Corporation (NYSE: ARNC), headquartered in Pittsburgh, Pennsylvania, is a leading provider of aluminum sheet, plate and extrusions, as well as innovative architectural products, that advance the ground transportation, aerospace, industrial, packaging and building and construction markets. In 2020, the businesses of Arconic Corporation reported annual revenue of $5.7 billion. Through the ingenuity of our people and cutting-edge advanced manufacturing techniques, we make products that meet quality, efficiency, and delivery objectives to achieve customer success and shareholder value.

Compensation:

Strong base salary plus variable compensation bonus structure

Generous Health Benefits beginning day 1; medical, life, dental and vision plans

401(k); 100% Match up to 6% of earnings, Plus! a Retirement contribution (3%)

Competitive annual vacation accrual Plus! 10 annual paid holidays

Position Profile : The Cyber Security Architect plans, designs, and implements security solutions and capabilities to scale that enable the organization to identify, detect, respond, and recover from cyber threats and vulnerabilities.

Essential Functions: This position includes policy development, consultation and advisory, as well as tactical execution of the Arconic security program, this position acts as both driver and team player. Key responsibilities of the Cyber Security Architect role include but are not limited to:

• Review existing security architecture, identify design and policy gaps, and recommend security enhancements to enterprise business and process control networks
• Stay abreast of current and emerging security threats and design security architecture to mitigate them
• Follow and understand emerging security technologies and integrate them into security architecture as needed
• Ensure alignment between security architecture frameworks and standards and overall Arconic strategy
• Serve as an information security expert and trusted advisor to partners in IT and the business
• Achieve security architecture compliance on requirements, including, but not limited to, Sarbanes-Oxley, NIST, global data privacy requirements and state and federal regulations.
• Design and implement action plans for policy creation and governance, system hardening, monitoring, incident response, disaster recovery, and emerging cybersecurity threats.
• Defines and develops security requirements using risk assessments, threat modeling, testing, and analysis of existing systems.
• Oversee the information security technology stack, from an infrastructure, application, and service perspective
• Own and execute the enterprise vulnerability management program by overseeing vulnerability management solutions. Partner with enterprise IT teams and compliance teams to set the direction and prioritization for discovered vulnerabilities.
• Interface with IT leads to maintain and evolve standards for third party and supply chain security risk.

Essential Knowledge Skills and Abilities:

• Systems and Technology - Ability to demonstrate deep technical knowledge of the practical application of systems and technology. This includes enterprise-level knowledge of systems architecture, hardware, operations, and systems life cycle in the following areas:
  
  
  • Microsoft Windows / Unix / Linux
  • Enterprise networking
  • Internet of Things (IoT)
  • Operational Technology / Industrial Control Systems (ICS)
  
  
• Project Management - Job requires planning and completion of large and small-scale projects.
• Communication and Interpersonal Skills - Job requires partnership with all levels of the organization from shop-floor personnel to plant management. A successful candidate will effectively communicate information security risk in terms the business understands.
• Active Learning - Understanding the implications of new information for both current and future problem-solving and decision-making.
• Dependability - Job requires being reliable, responsible, dependable, and fulfilling obligations.
• Integrity - Job requires being honest and ethical.
• Time Management - Managing one's own time. This position requires self-motivation with autonomous work ethic.
• Works as part of a geographically dispersed team (e.g. local, global) using a variety of technologies. Acknowledges & accommodates, where appropriate, any variance in time zones and native language.
• The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Basic Qualifications:

• Bachelors' degree from an accredited institution.
• Minimum 7 years of experience implementing enterprise-scale information solutions in a matrix, global organization.
• Demonstrated experience in implementing policies aligned to industry standards (NIST/ISO, etc)
• Employees must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire. Visa sponsorship is not available for this position.
• This position is subject to the International Traffic in Arms Regulations (ITAR) which requires U.S. person status. ITAR defines U.S. person as an U.S. Citizen, U.S. Permanent Resident (i.e. 'Green Card Holder'), Political Asylee, or Refugee.

Preferred Qualifications:

• 5 years' of relevant cyber security experience.
• 10 years' experience implementing enterprise-scale information technology solutions
• Demonstrated professional experience securing public cloud deployments (Azure, AWS, GCP, etc.) is a plus
• Active security certification (ISACA, ISC2, CompTIA etc.), is a plus

Apply Now