Sr. Security Architect I (II)

problems.

Essential Functions:**

• Researches and supports development and advancement of a comprehensive security strategy and strategic roadmap.

• Develops and maintains high quality documentation for cyber security policies, architectures, and standards.

• Works across the organization to communicate security approaches and that internal and external stakeholders support the changes.

• Supports cross-functional programs that advance security, such as zero-trust architecture, cloud security, data and analytics, machine learning, and security automation.

• Monitors technical advancements and makes recommendations to improve network, system and application security architectures.

• Supports enterprise architecture and application architecture initiatives and creates corresponding security design patterns.

• Consults with project teams to design secure architecture for new projects in alignment with agreed upon security design patterns.

• Supports application security assessments by developing improved tools and approaches for assessing security.

• Defines data security policies and processes to protect corporate data.

• Develops security solutions based on NIST Cybersecurity Framework (CSF) guidelines.

• Supports architectural guidance team to evaluate project proposals for architectural fit.

• Assists in prioritizing security efforts to balance security risks with operational and business risks.

• Assists team and department management in developing work plans, including scope, milestones, schedule, releases, resources and deliverables.

• Builds strong relationships with stakeholders by providing superior customer support as demonstrated by clearly owning, resolving and communicating issues and problems, and being responsive to needs, requirements, and deadlines.

• Supports the Cyber Security Incident Response Team (CSIRT) process by participating in various responder roles.

**Characteristics & Qualifications:

Required:**

• Bachelor's Degree in Computer Engineering, Computer Science, Information Technology or equivalent work experience

• At least 5 years of experience overall IT/IS experience

• At least 2 years of experience with security engineering/architecture

• Two or more of the following: applications (on-prem or cloud-based), networks, operating systems, or DevOps. Cloud security experience such as implementing landing zone, encryption, identity and access management, security monitoring, infrastructure as code (IaC), cloud workload protection platform (CWPP), control plane configuration and cloud security posture management (CSPM) solutions .

• Ability to produce high-quality work products with attention to detail

• Ability to visualize and solve complex problems

• Experience with NERC Critical Infrastructure Protection (CIP) Standards

• Ability to collaborate, influence, and partner with business units

• Experience using Microsoft Project

• Experience with Operating Systems, networks, storage technologies, software development, databases, and security concepts

• Experience using effective verbal and written communications skills

Preferred:

• Experience with PJM operations, markets, and planning functions
• Experience implementing zero trust architecture, data and analytics, machine learning, and security automation.
• Experience with defining data security policies and processes to protect corporate data as part of Data Security Governance.
• Experience working in a regulated industry (especially NERC CIP).
• Experience with NIST CSF.
• Experience working with varying levels of classified data.
• Knowledge and experience of importance of diversity and inclusion at workplace and its effective use to improve PJM's business functions as it relates to assigned responsibilities.
• Certified Information Systems Auditor (CISA)
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)