Enterprise Cyber Security Architect

Title: Enterprise Cyber Security Architect
Company: Tampa Electric Company
Location: Ybor Data Center
State and City: Florida - Tampa
Shift: 8 Hr. X 5 Days

Hiring Manager:Mayda Gonzalez

Recruiter: Mark E Koener

TITLE: Enterprise Cyber Security Architect
PERFORMANCE COACH: Manager of Enterprise Architecture
COMPANY: Tampa Electric
DEPARTMENT: Information Security

POSITION CONCEPT
The Enterprise Security Architect (ESA) is responsible for ensuring the integrity of the company's information resources at the network, operating system, and application levels by researching, recommending, and developing security architecture, as well as leading the implementation of appropriate technical and procedural solutions. Provide an innovative and comprehensive approach for complex business and technology initiatives pertaining to cyber security and smart grid environments utilizing cyber defense, enterprise risk management, information assurance and information security. This role will also assist with the identification and evaluation of holistic security gaps with a focus on infrastructure and the business applications layer. Identify and integrate sound security controls for applications, systems, and processes for the organization. Responsibilities include the security aspects of all network infrastructure, operating systems, database, hosted solutions, Industrial Control Systems (OT) and web server platforms throughout TECO Energy and its subsidiaries.

Focus Areas:
* Security controls and general IT controls
* Security architectures to infrastructure designs and requirements
* OT or Industrial Control Systems (ICS) Security
* CISSP

PRIMARY DUTIES AND RESPONSIBILITIES
1. Lead implementation of enterprise-wide security architecture initiatives and solutions and proof-of-concept projects while collaborating with multidisciplinary teams, affiliates, and business units to implement and support existing and future solutions. (40%)

2. Identify security architecture capabilities and design security architecture solutions to mitigate threats; evaluate emerging technologies, develop requirements, and ensure adherence to industry standards. (20%)

3. Provide technical leadership to the infrastructure delivery teams with focus on alignment of execution to established security requirements. (20%)

4. Support Corporate and Industrial Control System (inclusive of Distributed Control Systems (DCS), Electric and GAS SCADA and Smart-Grid) Security Architecture based on industry-specific security standards. (10%)

5. Provides solutions to reduce cyber risk and ensure compliance with the NIST CSF, CIP, TSA Security Directives, DFARS, SOX, PCI, etc. (10%)

RELATIONSHIPS
Key Internal: Engage with multiple Information Technology groups and business units. Individual contributors, middle management, and executive management.

Key External: External contacts including vendors, contractors, regulatory agencies industry associations, and other utility partners.

QUALIFICATIONS
Education
Required: Bachelor's Degree in Computer Science, Engineering or related field.

Licenses/Certifications
Required: Certified Information Systems Security Professional (CISSP) or one or more related Information Technology Security professional or vendor certifications (ex: CSSA, CEH, GIAC, etc.)

Preferred: Certified Information Systems Security Professional (CISSP), and related Information Technology Security professional or vendor certifications (ex: CEH, CSSA, GIAC, etc.)

Experience

Required: 7 years of practical technical experience in an Information Security role.
Experience implementing Security Frameworks (ISO 27000, NIST Cyber Security).

Knowledge/Skills/Abilities (KSA)
Required:
* Multi-disciplinary knowledge of major security technologies (firewalls, IDS/IPS, anti-virus, SIEM, and encryption, etc.)
* Multi-disciplinary knowledge of encryption systems (PKI, certificates, data encryption, and VPN).
* Multi-disciplinary knowledge of network design and security architecture controls.

Preferred:
* Anticipates, recognizes, and resolves issues to prevent, reduce or otherwise mitigate Information Technology risk
* Working knowledge of Network or Security Operations Center monitoring information systems or SCADA systems.
* Time and project management skills, ability to deliver in a fast-paced environment
* Maintains current knowledge of relevant technology as assigned.
* Excellent verbal, written and presentation skills.
* Strong interpersonal skills and ability to interface with all levels of management.
* Ability to implement Security Frameworks (ISO 27000, NIST Cyber Security)

TECO offers a competitive Benefits package!!

Competitive Salary *401k Savings plan w/ company matching * Pension plan * Paid time off* Paid Holiday time * Medical, Prescription Drug, & Dental Coverage *Tuition Assistance Program * Employee Assistance Program * Wellness Programs * On-site Fitness Centers * Bonus Plan and more!