Alcoa - Pittsburgh, PA
posted 19 days ago
Full-time - Senior
Pittsburgh, PA
Primary Metal Manufacturing
About the position
The Cyber Security Architect at Alcoa Corporation plays a critical role in safeguarding the organization from evolving cyber threats. This global position involves specialist-level responsibilities for cyber security initiatives across all operating units and locations. The architect will evaluate technology and infrastructure, design security architecture, lead remediation efforts, and promote a strong cyber security culture within the organization.
Responsibilities
- Perform in-depth evaluations of Alcoa's technology, infrastructure, and information systems to identify vulnerabilities, risks, and opportunities for strengthening security.
- Deliver insightful recommendations based on assessments to guide cybersecurity improvements across IT and Business/Process Control Networks.
- Design and evolve Alcoa's global cyber security architecture, ensuring alignment with industry frameworks (e.g., ISO 27001, NIST).
- Champion a Defense in Depth approach, integrating best practices, tools, and processes into the architecture.
- Facilitate the deployment of cyber security architecture across infrastructure, cloud, and applications globally.
- Proactively identify cyber risks using advanced risk assessment processes, tools, and metrics.
- Lead the remediation of security gaps while ensuring compliance with Alcoa's cyber security standards, regulatory requirements, and governance frameworks.
- Provide consistent operational support to business units, ensuring effective execution of security requirements during routine and emergency operations.
- Actively participate in incident response, threat containment, and forensic analysis, leveraging Alcoa's SIEM and monitoring systems.
- Conduct security assessments and threat analysis across Alcoa's global sites to evaluate physical, technical, and network security controls.
- Collaborate with regional teams to implement corrective measures that reduce identified risks.
- Drive awareness and education initiatives across all organizational levels, promoting a strong cyber security culture.
- Serve as a bridge between IT teams, leadership, and business stakeholders to align security objectives with business goals.
- Assist in shaping Alcoa's cyber security vision, emphasizing centralized data and asset protection strategies, performing threat intelligence, incident management, and investigations.
- Develop and govern security standards for data and asset protection, risk management, and cyber resilience.
- Collaborate with development teams to implement Secure-by-Design principles throughout the Software Development Life Cycle (SDLC).
- Develop and enforce stringent application security standards for all production and development environments.
- Continuously research evolving cyber threats, emerging security technologies, and innovative authentication mechanisms.
Requirements
- Bachelor's degree in computer science/IT/IS, Business, Math, Finance, Engineering, Economics or Accounting/procurement from an accredited institution.
- 4+ years in IT Operations or similar, preferred.
- 5+ years in IT security.
- Experience with security architectures, frameworks (ISO-2700x, NIST), and technologies.
- Knowledge of process control systems, associated protocols, architecture, and security strongly preferred.
- Certified in CISSP / CISM, preferred but not required.
- Project management experience in leading several small to large projects.
- Demonstrate a solid understanding of project management processes, methodologies, and techniques.
- Experience with large, global infrastructure support processes.
Nice-to-haves
- Experience with security architectures, frameworks (ISO-2700x, NIST), and technologies.
- Knowledge of process control systems, associated protocols, architecture, and security.
Benefits
- Competitive compensation packages, including pay-for performance variable pay, recognition and rewards programs, and stock-based compensation awards (3-year vesting schedule).
- Flexible spending accounts and generous employer contribution to the HSA.
- 401(k), employer match up to 6%, additional employer retirement income contribution (no vesting period), and a nonqualified deferred compensation plan.
- 10 holidays and one flexible holiday of your choice.
- 56 hours of sick/safe leave.
- 8 hours of Paid annual volunteer hours.
