Security Architect

Summary :

Cyber Security Architect role is responsible to drive "Secure by Design" strategy across Garrett. The role will enable security architecture solutions for IT Solutions deployed across Garrett IT and Manufacturing Plants IT landscape. The role will be responsible to drive reference architecture for a secure IT environment. The role will drive Cyber Security Architecture reviews to evaluate Enterprise IT archiecture, identifiy Cyber Security risks & recommend mitigation approaches. Define and implement Cyber Security technology roadmap to integrate advanced technologies such as AI/ML, Blockchain, Quantum safe cryptography. Define defense in depth approaches for all functional IT areas, applications, software development, Dev-Ops, networking, end user computing, cloud, etc.

Key Job Areas of Responsibilities:

Security Architecture & Secure by Design:

Drive a standardized Security Architecture governance program to advance consistent architecture practices for all critical IT applications & infrastructure includeing Cloud SaaS services used in Garrett such as AWS, O365, Oracle HCM, Onshape, Rescale, Salesforce, etc Drive “Secure by Design" strategy to proactively build-in security practices across IT landscape including infrastructure & application architecture  Enable the right integration of Cyber security requirements in new programs, drive architecture reviews, security architecture risk assessments; studying architecture/platform; identifying integration issues. Define & drive Cyber security technology roadmaps to enable right level of threat detection and prevention capabilities for Garrett. Continuous focus on Security technology roadmap enhacements to integrate advanced technologies such as AI/ML, Blockchain, Quantum safe cryptography. Integrate best practices and strengthen cyber security systems by evaluating network and security technologies; developing security architecture requirements for networks (LAN/WANs/VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards Responsible to define Cyber Security Technology stack to support overarching Cyber Security Strategy & mitigate emerging cyber security threats Responsible to define Cyber Security Reference Architecture for key use cases across all IT Strategic initiatives such as Data Lake, eCommerce, Parametric Design for Engineering, Cloud Security, DevOps, Containerization project unique to organization line of business and functional teams. Drive Cyber Advisories by analyzing the latest threats from industry and providing concise advisories to Garrett stakeholders Responsible to establish & deploy Security baseline configurations for datacenters , IT and Plant, , WANs, routers, firewall and related network devices. Define defense in depth approaches for all functional IT areas, applications, software development, Dev-Ops, networking, end user computing, cloud, etc

Architecture reviews & OEM Customer interface:

Responsible to develop specific Cyber Security controls based on Automotive OEM customer requirements & drive implementation across IT & Manufacturing Plant OT environments Responsible for defining and implementing Cyber Security controls and technology required by customer to enable right level of protection for sensitive & confidential data Represent Garrett Cyber Security team with OEM Customers such as Daimler, GM, etc to develop confidence in Garrett's Cyber Security practices and collaboarte in securing customer data and adherence to the customer requirements for security controls. Collaborate with stakeholders across Engineering, ISC, Common Functions, Sales & Marketing, Comms, etc to define & implement Cyber Security architecture solutions to meet Customer's Cyber Security requirements Collaborate with Enterprise Architecture team to advance Cyber Security Architecture priorities Review the security requirements, draft Threat Modlling for the architecture, document the Cyber Security requirements to mitigate the security risks with the system.

Cloud Security Governance

Global Responsibility for defining & driving Cloud Security governance program to meet business requirements for all SaaS services and other cloud services such as AWS, O365, Onshape, Coupa, HR services and other critical services hosted on the cloud for the organizations Be a critical decision maker in selecting new cloud services by reviewing cloud security architecture before a new service is selected Responsible for Cyber Security architecture & design solutions for applications hosted in AWS Responsible to establish & deploy Cyber Security baseline configurations for AWS Collaborate with Enterprise Architecture to implement Cloud native Cyber security reference framework and knowledge repository. Create layered core, secondary and tertiary Cyber Security controls for implementing and executing cloud services.

Secure Product Life Cycle

Responsible for defining Secure product development life cycle & integration of security development practices into DevOps life cycle across IT & COV product development Be proactive in evaluating the industry trends on new technologies and methods to advance Cyber Security architecture and technnologies Participate in the technical evaluation and testing of hardware and software for possible impact on systems security or for risk to intellectual property. Establish & report Cyber Security Architecture KPI metrics Provide guidance to maintenance Up to date Security Policies and Procedures 15+ years of total experience & 10+ years of relevant experience in Cyber Security Architecture areas

Education / Qualifications: bachelor’s degree in information technology or related discipline

Experience:

Possess leadership skills to be able to directly and or indirectly influence the business functions to successfully implement security projects. Demonstrated proficiency with the IT Security Common Body of Knowledge required for enabling security concepts on varied technology. Demonstrated experience in maintaining common IT security technologies such as firewall, VPN, PKI, E-business and web technologies, vulnerability & risk assessment, intrusion detection, event correlation, DMZ, Extranet, etc Intermediate to advanced knowledge of routing, switching, and bridging in LAN/WAN multi-national environments. Experience in Secure DevOps and container technology, experience on Cloud Security and technologies Collaborate with Cloud Security Architecture for an integrated security governance program for the organizations. Strong understanding of Cyber Security concepts Experience with performing or reviewing enterprise risk assessments. Experience with evaluating or writing security standards / baseline to meet compliance requirements. Ability to work independently with limited supervision.

Key Skills and Knowledge:

Expertise and demonstrated experience in architecting and deploying solutions serving operational and analytical needs from both an infrastructure (security controls, Endpoint security, Network Security, Active Directory, SIEM, Data Protection, Encryption, etc. ) and data (securing and managing access to, conversion approaches, archiving, monitoring, etc) Experience in influencing customers and extended Project Teams  Communicating effectively in writing as appropriate for the needs of the audience  Good expertise Security architecture methodlogies such as threat modeling, architecture reviews, etc Abreast of both old and new security vulnerabilities and continually keep up to date on the latest security best practices and technologies. Strong knowledge of cryptography as it relates to computer and network security as well as file and email encryption required. Proficiency in performing architecture reviews and ranking risks.  Strong, demonstrated project management skills. A self-starter, with limited supervision & be able to work effectively in a global diverse environment. Review the security requirements, draft Threat Modelling Certifications like CISSP, CCSP are desirable. Maintains expert knowledge of Cyber security threats and risks, and constantly monitors and evolves system security posture to mitigate.

---