Cybersecurity Architect

About The Position

Requirements

• Education: BA or BS in Computer Science, cybersecurity or a related field.
• 10 years of relevant IT experience to include 7+years of experience in cybersecurity, especially in a sr. security engineering role.
• 3+ years' experience with information systems and computer security - firewalls, encryption, and network architecture across cloud, network, and application environments.
• 2+ years' experience in developing and administering information technology policies; business continuity planning, auditing and risk management .
• Knowledge of DevSecOps best practices.
• Proficiency in IoT platforms and/or industrial automation systems.
• Experience in Azure (preferred), or similar.
• Knowledge of ISO27001 and NIST frameworks.
• Knowledge of Zero Trust Architecture principles and best practices.
• Experience in managing / implementing enterprise security related projects.
• SAP experience helpful, especially using GRC module
• Strong infrastructure management knowledge related to design and implementation of information systems.
• Strong written and verbal communication skills.
• Knowledge of financial management models to measure financial return and performance, calculate Return On Investment (ROI), Return on Assets (ROA), etc.
• Ability to operate standard office equipment (e.g., computer, telephone, copier, printer, etc.).
• Ability to effectively communicate in both small and large groups and settings.
• Ability to traverse between multiple locations in Ohio and Pennsylvania as needed.
• Ability to safely and successfully perform the essential job functions consistent with the ADA, FMLA and other federal, state, and local standards, including meeting qualitative and quantitative productivity standards.
• Ability to maintain regular, punctual attendance consistent with the ADA, FMLA and other federal, state, and local standards.

Nice To Haves

• CISSP certification, CISA/CISM or GIAC certification.

Responsibilities

• Designing Secure Systems: Design, build, and oversees an organization's IT security infrastructure, creating blueprints for robust, layered defenses. Translate security policies into technical, risk-managed designs—covering network, cloud, and application security—to protect against internal and external threats. Ensure that all solutions are documented and maintained.
• Developing Security Policies: Define, document, and enforce security policies, procedures, standards and guidelines that align with business goals and risk tolerance. Translate high-level business requirements into technical, actionable policies—such as data classification, access control, and incident response plans—that guide the design of a secure infrastructure.
• Security Strategy: Develops and updates the cyber security strategy and roadmaps in parthernship with the Cyber Security Manager. This will provide guidance and advocacy regarding prioritization of infrastructure investments to improve Swagelok’s IT security posture. Maintain professional knowledge through ongoing education and industry engagement.
• Risk Assessment & Mitigation: Identify potential vulnerabilities through security audits, and penetration testing; analyzing threats to prevent data breaches. Ensure the mitigation of identified risks. Act as primary point of contact during major information security incidents.
• Security Tools Implementation: Deploying and managing security technologies such as targeted phishing, business email compromise (BEC), firewalls, intrusion detection systems (IDS/IPS), data loss prevention (DLP), identity management systems and Security Information and Event Management (SIEM).
• Strategic Planning: Collaborating with IT teams and stakeholders to align security architecture with business objectives, including vendor management and, in some cases, merger/acquisition evaluations. Partner with IT leaders on the principals of Secure by Design to proactively approach to cybersecurity controls and principles into technology products and systems from the initial design phase.
• Collaboration and Partnership: Maintain a robust partnership between a Cyber Security, Legal counsel, Risk and Data Privacy teams to navigate complex regulatory landscapes, manage risk, protect brand. Monitor and communicate developments in information security legislation relevant to the organization.
• Develop and Mentor: Cultivate a culture of security awareness, and arranging continuing education of associates to ensure security policies are adhered to at all times. Also expected to mentor and develop associates in their understanding of security concepts, technical.

Benefits

• Swagelok provides a comprehensive package of valuable benefits called Total Rewards focused on health and wellness, compensation, retirement planning, and supplemental rewards.