Alcoa - Pittsburgh, PA
posted 18 days ago
Full-time - Mid Level
Pittsburgh, PA
1,001-5,000 employees
Primary Metal Manufacturing
About the position
The Cyber Security Architect at Alcoa plays a critical role in safeguarding the organization from evolving cyber threats. This global position involves specialist-level responsibilities for cyber security initiatives across all operating units and locations. The role includes evaluating technology and infrastructure for vulnerabilities, designing and evolving cyber security architecture, and leading remediation efforts to ensure compliance with security standards and regulatory requirements.
Responsibilities
- Perform in-depth evaluations of Alcoa's technology, infrastructure, and information systems to identify vulnerabilities, risks, and opportunities for strengthening security.
- Deliver insightful recommendations based on assessments to guide cybersecurity improvements across IT and Business/Process Control Networks.
- Design and evolve Alcoa's global cyber security architecture, ensuring alignment with industry frameworks (e.g., ISO 27001, NIST).
- Champion a Defense in Depth approach, integrating best practices, tools, and processes into the architecture.
- Facilitate the deployment of cyber security architecture across infrastructure, cloud, and applications globally.
- Proactively identify cyber risks using advanced risk assessment processes, tools, and metrics.
- Lead the remediation of security gaps while ensuring compliance with Alcoa's cyber security standards, regulatory requirements, and governance frameworks.
- Provide consistent operational support to business units, ensuring effective execution of security requirements during routine and emergency operations.
- Actively participate in incident response, threat containment, and forensic analysis, leveraging Alcoa's SIEM and monitoring systems.
- Conduct security assessments and threat analysis across Alcoa's global sites to evaluate physical, technical, and network security controls.
- Collaborate with regional teams to implement corrective measures that reduce identified risks.
- Drive awareness and education initiatives across all organizational levels, promoting a strong cyber security culture.
- Serve as a bridge between IT teams, leadership, and business stakeholders to align security objectives with business goals.
- Assist in shaping Alcoa's cyber security vision, emphasizing centralized data and asset protection strategies, performing threat intelligence, incident management, and investigations.
- Develop and govern security standards for data and asset protection, risk management, and cyber resilience.
- Collaborate with development teams to implement Secure-by-Design principles throughout the Software Development Life Cycle (SDLC).
- Develop and enforce stringent application security standards for all production and development environments.
- Continuously research evolving cyber threats, emerging security technologies, and innovative authentication mechanisms.
Requirements
- Bachelor's degree in computer science/IT/IS, Business, Math, Finance, Engineering, Economics or Accounting/procurement from an accredited institution.
- 4+ years in IT Operations or similar, preferred.
- 5+ years in IT security.
- Experience with security architectures, frameworks (ISO-2700x, NIST), and technologies.
- Knowledge of process control systems, associated protocols, architecture, and security strongly preferred.
- Certified in CISSP / CISM, preferred but not required.
- Project management experience in leading several small to large projects.
- Demonstrate a solid understanding of project management processes, methodologies, and techniques.
- Experience with large, global infrastructure support processes.
Nice-to-haves
- Experience with cloud security solutions.
- Familiarity with incident response and forensic analysis tools.
- Knowledge of regulatory compliance requirements related to cybersecurity.
Benefits
- Competitive compensation packages, including pay-for performance variable pay, recognition and rewards programs, and stock-based compensation awards (3-year vesting schedule).
- Flexible spending accounts and generous employer contribution to the HSA.
- 401(k), employer match up to 6%, additional employer retirement income contribution (no vesting period), and a nonqualified deferred compensation plan.
- 10 holidays and one flexible holiday of your choice.
- 56 hours of sick/safe leave.
- 8 hours of Paid annual volunteer hours.
