DIRECTOR ENTERPRISE SECURITY ARCHITECTURE - PHOENIX, AZ at Freeport-McMoRan (Phoenix, AZ)

The role of the Director Enterprise Security Architecture is to provide leadership and management for MIS Security Architects and Contractors on technical Security Architecture, Security Engineering, and Security Processes. Overall control landscape includes Vulnerability Management, Access Control, Identity, Encryption, Endpoint, DLP, Messaging, Secure Software Development Lifecycle, Network Security, and Disaster Recovery. This position manages the interface between MIS Security, MIS Infrastructure Architecture, and MIS Applications Architecture, and ensures project-level solution designs support long-term global enterprise architecture standards and portfolio roadmaps. The incumbent must effectively work with MIS leadership including the CIO, Directors, Managers, and Staff.

• Responsible for managing a team that provides Security Architecture services including contractors and vendors.

• Coach and train team in Information Security policies and standards, security process and design frameworks, and delivery of cybersecurity services

• Develop both short and long-term Enterprise Security system technology roadmaps based on an understanding of the organizational strategic requirements, risk landscape, technology context and business needs

• Represent Security interest in the Architecture Review Board (ARB) meetings, and ensure development of reference architecture documentation and presentation of initiatives in the ARB

• Oversee the design and integration for IAM functions including identity management, account provisioning, entitlements review, authentication processes, logging, enterprise roles management, and authoritative sources for identity and its attributes; provide project support in the process re-engineering and automation of existing processes

• Oversee the design and integration for network security functions including firewalls, remote access, network access control, network activity monitoring, forensics, and other attributes; provide project support in the process re-engineering and automation of existing processes

• Oversee the design and integration for technologies and processes around threat and vulnerability management to include identification, analysis, remediation, and reporting

• Extend TVM integration into processes and procedures for security incident response

• Oversee the design and integration of cyber security controls within the Software Development Life Cycle (SDLC)

• Support the security configuration and change management function to include configuration reviews and security tool feature enablement

• Perform other duties as required

Minimum Qualifications

• Bachelors degree in MIS or related field AND

• Ten-plus (10+) years of IT experience with a minimum of four (4) years in Security Architecture to include:

• • Strong background in Security technology design and architecture

  • Experience in working with current and emerging Information Security technologies and development methodologies

  • Effective leader, visionary, and implementer with demonstrated experience in advising and influencing Senior Management

  • Excellent analytical skills: able to break down complex, multi-faceted problems into actionable steps without over-simplification

  • Ability to communicate Security-related concepts to a broad range of technical and non-technical staff in an intelligent, articulate, and persuasive manner

  • Strong technical, facilitative and collaboration skills, organizational and time management skills, communication (verbal and written) and interpersonal skills

Preferred Qualifications

• Security Certifications such as CISSP, CISM, GWEB, GSSP-.NET, GWAPT, etc.
• Understanding of IAM technologies and processes including account provisioning, role management, entitlement review and identity management
• Experience with Cloud platforms such as Azure
• Experience with SQL, PKI, SAML, XML
• Experience with security architecture related to protocols such as SNMP, HTTP(s), SOA, Web Services
• In-depth understanding of network security issues, security event logging / monitoring, operating systems (Windows, Unix), Firewalls, Intrusion prevention, AV technologies, authentication mechanisms, vulnerability assessment & scanning tools, application security assessments, incident response and knowledge of common information security management frameworks
• Experience working with software developers and experience with application design reviews and threat modeling
• Experience with regulatory compliance such as SOX
• Active in professional security organizations such as ISSA, OWASP, SANS, FUEL, etc.

Criteria/Conditions

• Ability to understand and apply verbal and written work and safety-related instructions and procedures given in English
• Ability to communicate in English with respect to job assignments, job procedures, and applicable safety standards
• Must be able to work in a potentially stressful environment
• Position is in busy, non-smoking office located in downtown Phoenix, AZ
• Location requires mobility in an office environment; each floor is accessible by elevator
• Occasionally work will be performed in a mine, outdoor or manufacturing plant setting, which may include exposure to extremes in temperature and humidity, moving mechanical parts, risk of electrical shock, toxic chemicals, explosives, fumes or airborne particles
• Must be able to frequently sit, stand and walk
• Must be able to frequently lift and carry up to ten (10) pounds
• Personal protective equipment is required when performing work in a mine, outdoor, manufacturing or plant environment, including hard hat, hearing protection, safety glasses, safety footwear, and as needed, respirator, rubber steel-toe boots, protective clothing, gloves and any other protective equipment as required
• Freeport-McMoRan promotes a drug/alcohol-free work environment through the use of mandatory pre-employment drug testing and on-going random drug testing as allowed by applicable State laws

Freeport-McMoRan has reviewed the jobs at its various office and operating sites and determined that many of these jobs require employees to perform essential job functions that pose a direct threat to the safety or health of the employees performing these tasks or others. Accordingly, the Company has designated the following positions as safety-sensitive:

• Site-based positions, or positions which require unescorted access to site-based operational areas, which are held by employees who are required to receive MSHA, OSHA, DOT, HAZWOPER and/or Hazard Recognition Training; or
• Positions which are held by employees who operate equipment, machinery or motor vehicles in furtherance of performing the essential functions of their job duties, including operating motor vehicles while on Company business or travel (for this purpose motor vehicles includes Company owned or leased motor vehicles and personal motor vehicles used by employees in furtherance of Company business or while on Company travel); or
• Positions which Freeport-McMoRan has designated as safety sensitive positions in the applicable job or position description and which upon further review continue to be designated as safety-sensitive based on an individualized assessment of the actual duties performed by a specifically identified employee.

Equal Opportunity Employer/Protected Veteran/Disability

by via developer jobs - Stack Overflow