Sr Security Architect Systems & Endpoints
Hyderabad, India
Blue Yonder
Transforming supply chains through an end-to-end platform for planning, execution, commerce and returns.
Roles & Responsibilities:
- Conduct risk assessments to identify vulnerabilities in IT systems, processes, and policies.
- Maintain the IT risk register, documenting risks, issues, and remediation actions.
- Recommend risk mitigation strategies and implement risk management controls across IT infrastructure.
- Collaborate with IT, cybersecurity, and business teams to track and resolve identified risks.
- Monitor and report on the effectiveness of existing IT risk controls and recommend enhancements as needed.
Compliance:
- Support the compliance team in internal and external audits with regard to relevant industry standards and certifications (e.g. ISO 27001, SOC1, SOC2, NIST).
- Support the development and implementation of IT governance, risk, and compliance frameworks.
Governance:
- Provide a process-oriented, results-driven approach to compliance. Provide input to and support for the cybersecurity trust center, blog and Viva Engage. Provide expertise in identifying security control gaps and assist stakeholders in remediation and mitigation.
- Participate and assist sales, pre-sales and technical account managers in the completion of customer-provided security questionnaires. Ensure cybersecurity policies, processes, procedures, and plans are followed and align with the cybersecurity roadmap during all audits.
- Research industry compliance regulations and policies. Keep up to date on compliance requirements and amendments to regulations. Evaluate internal operational and procedural compliance. Analyze and update existing compliance policies and related documentation.
Vendor Risk Management:
- Conduct vendor risk assessments, ensuring third-party services and products align with internal risk and security policies. Regularly review vendor performance and risk exposure, working with procurement and legal teams as necessary.
- Perform the vendor offboarding process with respect to Blue Yonder data handled by the vendor.
Basic Qualifications and Experience:
- Bachelor’s degree in Information Technology, Cybersecurity, Risk Management, or a related field.
- Certifications such as CRISC (Certified in Risk and Information Systems Control), CISA (Certified Information Systems Auditor), or CISSP (Certified Information Systems Security Professional) are highly desirable.
Experience:
- 12-15 years of experience in IT risk management, IT auditing, or information security.
- Hands-on experience with GRC tools and frameworks.
Skills and Competencies:
- Strong understanding of IT infrastructure, systems, and security best practices.
- Ability to assess technical and business risk related to information systems.
- Excellent problem-solving, analytical, and communication skills.
- Ability to communicate complex risk concepts to non-technical stakeholders.
- Familiarity with regulatory frameworks and compliance standards.
- Proficiency with risk management tools, GRC (Governance, Risk, and Compliance) software, and security incident management tools.
- Experience with security controls related to networks, databases, and cloud environments.
Soft Skills:
- Excellent analytical and troubleshooting skills
- Strong verbal and written communication skills
- Ability to work effectively with global, virtual teams
- High degree of initiative and self-motivation
- Ability to manage multiple priorities successfully
- Team oriented, with a focus on achieving team goals
- Collaboration with global teams
- Excellent interpersonal skills, ability to work effectively with product development and internal audit teams.
- Proven ability to serve as an effective member of a compliance team.
- Experience in managing customer security assessments/questionnaires.
- Experience in educating stakeholders in security compliance audits, risk management, and third-party risk management.
- Lead security planning efforts and interact effectively with auditors, customers and key stakeholders.
Our Values
If you want to know the heart of a company, take a look at their values. Ours unite us. They are what drive our success – and the success of our customers. Does your heart beat like ours? Find out here: Core Values
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.