Manager, IT Cybersecurity (Architecture and Engineering)

About the position

The Manager, Global Cybersecurity (Architecture and Engineering) will be responsible providing leadership, as well as operational and tactical direction to diverse global teams, including analysts, engineers, and architects within the Global Cybersecurity Architecture and Engineering teams. The scope of the Architecture and Engineering team includes cybersecurity architecture, cybersecurity engineering, Identity and Access Management, and Identity Governance. The Architecture and Engineering manager must possess a strong technical background across multiple domains, cloud first environment, and within both Information Technology and Operational Technology environments along with a solid understanding of risk, mitigation, incident response, and technical controls. The Architecture and Engineering manager will also be responsible for working closely with OT and ICS leadership to ensure synergy between the departments. The Architecture and Engineering manager will work closely with IT, OT, and ICS teams that understand legacy and emerging technology implementations, operational focus, business purpose, and how systems and applications achieve high availability and are tightly secured. This role must be willing to learn and remain knowledgeable of critical, OT/ICS systems in place, as well as the integrated architecture comprising both technical and physical components. The role should also be familiar with monitoring event activity and creation of alert response plans within a complex OT cybersecurity environment. This role requires strong written and oral communication skills, as well as the ability to communicate detailed, technical information in a manner comprehensible by individuals at varying degrees of experience and skill level. The role requires the ability to speak confidently in front of large groups and with corporate management, vendors, and service providers. This role also contributes to global cybersecurity strategy and roadmap and ensures alignment between Enterprise Architecture and Technical Services teams. This role will report directly to the Director, IT Cybersecurity.

Responsibilities

• Develop a holistic cybersecurity architecture aligned with business needs, considering potential threats and vulnerabilities.
• Define security standards and procedures to govern system implementation and operation.
• Select and integrate appropriate security tools and technologies (firewalls, intrusion detection/prevention systems, endpoint protection, etc.).
• Design security for monitoring, logging, IAM, encryption, data protection, detection, and preventive controls.
• Implement security controls across network, application, and data layers.
• Design and implement secure network segmentation and access controls in partnership with Technical Services.
• Perform security assessments and penetration testing to identify vulnerabilities in partnership with other cybersecurity teams.
• Recommend and advise on strategies and best practices for cybersecurity and a flexible architecture.
• Draft cybersecurity strategies that align with business objectives and meet compliance and regulations.
• Validate appropriate cybersecurity configurations are aligned, adopted and implemented within Cybersecurity, and IT and OT environments.
• Integrate and automate secure continuous integration/continuous delivery build configurations for development pipelines.
• Proactively analyze, identify, and resolve performance bottlenecks.
• Manage projects within an agile environment, ensuring on-time regular delivery of new features, solutions, or resolutions.
• Lead the development and implementation of IAM strategies and policies to secure sensitive information and systems.
• Architect and manage the lifecycle of digital identities, including creation, maintenance, and deletion of user accounts and access rights.
• Ensure compliance with legal, regulatory, and policy requirements related to access management and data protection.
• Lead selection and Manage the IAM tools and technologies ecosystem, including single sign-on (SSO), multi-factor authentication (MFA), and identity governance solutions.
• Oversee the investigation and resolution of access-related incidents and breaches, collaborating with IT security teams as necessary.
• Conduct regular audits and reviews of access controls and permissions to ensure they are appropriate and comply with established policies.
• Timely coordination with HR to ensure timely updates to access rights based on role changes, terminations, and transfers.
• Provide leadership, direction, and mentorship to the IAM team, setting clear objectives and monitoring performance.
• Develop and set the strategic direction for Identity and Access Management.
• Stay abreast of the latest IAM trends, technologies, and best practices to continually enhance the organization's IAM framework.
• Work in tandem with Enterprise Architecture, Technical Services, and other Cybersecurity team leads.
• Stay up to date with cybersecurity threats, risks, and vulnerabilities with potential impact to services.
• Form relationships with colleagues in operations, threat intel, software development and risk management.
• Collaborate with IT, OT, ICS, and cybersecurity leadership to develop practices to reduce attack surface, as well as countermeasures to impede internal threats and external attackers.
• Attend project and implementation meetings and advise secure application and infrastructure configurations.
• Regular travel to office and site locations to build relationships, perform implementations or maintenance activities, and to continue to develop business acumen.

Requirements

• Minimum of 7 years of experience in IAM, IT security, or a related area, with at least 5 years in a managerial or leadership role.
• Strong understanding of cloud first security principles and technologies.
• Strong understanding of IAM principles, technologies, and standards (e.g., SAML, OAuth, OpenID, LDAP).
• Experience with IAM solutions and products (e.g., Okta, Microsoft Azure Active Directory).
• Demonstrated technical understanding of cybersecurity controls across complex networks, including endpoints, identity, cloud, firmware, and operating systems.
• General knowledge of frameworks (NIST, CSF, ISO, SOC2), IEC 62443 standards.
• Previous work with both legacy and emerging technology solutions in production.
• Proven familiarity maintaining and securing ICS, process control networks, programmable logic controllers, industrial protocols and supervisory control and data acquisition systems.
• Knowledge of IT security frameworks and regulations (e.g., ISO 27001, NIST, GDPR).
• Excellent leadership, communication, and interpersonal skills.
• Proven ability to manage projects, prioritize tasks, and meet deadlines.
• Proven use with zero trust network access, encryption, web application firewalls, data protection, vulnerability management, API security, IaC.
• Ability to influence technical team and business units and collaborate to reduce attack surface.
• Knowledge in one or more: NIST 800-144, CIS, CSA-CCM, ISO (27040, 27017, 27001).
• Capacity to comprehend complex technical infrastructure, managed services and third-party dependencies.
• Excellent verbal, written, listening, and presentation communication skills.
• Ability to present and discuss technical information in a way that establishes rapport, persuades others, and gains understanding.
• Experienced in using knowledge to create value.
• Strong organizational and planning skills as well as attention to detail.
• Ability to handle highly confidential and sensitive information.
• Ability to effectively work and create effective partnerships with employees at all levels within the organization.
• Ability to anticipate and understand business strategies, objectives and priorities.
• Strong motivational leader that possesses a hands-on, lead by example approach.
• Strong interpersonal and teamwork skills.
• Ability to adapt to a continually changing business and work environment and manage multiple priorities.
• Demonstrated critical thinking and decision making skills.
• Strong analysis and problem-solving skills.
• Ability to provide oversight across multiple initiatives or projects.