Assistant Principal Engineer, Smart Sustainable Utilities

Position Overview 

The Solution Architect - System Security (SA) evaluates and defines the overall security framework of enterprise systems, ensuring that security controls are integrated across infrastructure, applications, and data. The SA also provides guidance to software delivery team leads where relevant, to design secure architectures, identify risks, and enforce best practices for confidentiality, integrity, and availability.

Key Responsibilities

Engineering and Delivery:

• Lead the design the security architecture and solution in system delivery projects during pre-sales and implementation.
• Provide technical guidance (e.g. guide the threat analysis, review security risk, advise and troubleshoot on security design solution and implementation, etc) to system delivery team leads to ensure compliance with relevant security requirements.
• Continuously keep up to date with new technologies to ensure that the security solutions incorporate modern security tools and practices.
• Experiment and evaluate new security ideas/tools/partners.
• Work with project system delivery teams to ensure that the system implemented addresses security adequately including identification of security risks and implementation of controls.

Collaboration and Stakeholder Engagement:

• Collaborate with other system Solution Architects and Leads, to identify security standards and regulatory requirements to be complied with.
• Collaborate with the customer leads to align security standards, technologies and practices with customer needs.
• Engage with users, partners, and other stakeholders.

Qualities We Value

• At least 3 years of experience in the development of security solution architectures and IT infrastructure backbone for secure mission critical building automation systems.
• Experience in cloud-based (public or private) security architectures, technologies and services.
• Experience in application of modern engineering security processes and practices (Agile, DevOps)
• Understanding of emerging technologies related to security solutions and engineering (AI, cloud services, DevOps tools).
• Familiar with customer/GOV standards and preferences
• Experience with multiple aspects of the overall solution including performance, security, latency and other relevant aspects for a solution
• Familiar with identification, determination and implementation of required level of security controls
• Familiar with planning, implementation, tools and techniques of system and software security test, security assessment and audit of implemented controls.
• Possess professional-level certification, such as:
  • Cisco certified network professional (CCNP) with IT security experience
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager ® (CISM ®) or equivalent