Logo
CPS Energy

Enterprise Security and IAM Architect

CPS Energy, San Antonio, Texas, United States, 78208


Enterprise Security and IAM Architect Date: Oct 22, 2024 Location: San Antonio, TX, US, 78205 Company: CPS Energy We are engineers, high line workers, power plant managers, accountants, electricians, project coordinators, risk analysts, customer service operators, community representatives, safety and security specialists, communicators, human resources partners, information technology technicians and much, much more. We are 3,500 people committed to enhancing the lives of the communities we serve. Together, we are powering the growth and success of our community progress every day Position Summary The Enterprise Security and IAM Architect is a combined practical and strategic position that involves establishing technical strategy, defining enterprise security and IAM architectures and leading solution implementations from a technology perspective. The position provides technical guidance and training to the implementation teams, serves as technology and best practices evangelist and ensures that implementations follow the finest of implementation standards and principles. This position advises technical management and business areas on key architectural decisions regarding platforms and supporting technologies. This position produces technical architectures (documented by deliverables) that are scalable, maintainable, dependable, secure, and meet performance requirements. This position represents the Enterprise Information Technology (EIT) organization across CPS Energy and works across the company to deliver technical solutions, including providing continuity on major solution decisions, communicating technology solution value across all levels of the company and ensuring solutions are implemented according to the defined solution architecture and technical standards. Enterprise Security and IAM Architect Grade: 18 Qualifications may warrant placement in a different job level. Deadline to apply: Open until filled Tasks and Responsibilities Responsible for enterprise security architectural design and planning in a hybrid cloud environment. Designing data-centric security architectures to ensure appropriate control over data use and protection. Responsible for the strategy and enablement of identity and security solutions that include DLP, Encryption, Key Management, Identity Management, Secure Data Transport, audit, event detection, CASB, Intrusion Prevention, Remote Access, Firewall and more. Understanding the Enterprise's Identity Management current requirements, future state and industry best practices to plan and implement Identity & Access Management (IAM) solutions. Responsible for architecting IAM in a hybrid cloud environment, user/service/device authentication & authorization, managing enterprise identities and entitlements. Architecting the security posture of enterprise Operational Technology (OT) environments to help ensure compliance with NERC and other regulatory bodies. Should have a solid understanding of general IT application structures, the supporting components to the network, and general overall wholistic IT functions, operations and general dataflows of the enterprise to enable planning and implementation of best practice security measures. Must be knowledgeable of past, present, and upcoming security technologies, standards, and best practices to properly plan and implement solutions in the most effective way Develop enterprise security architectural patterns, approaches and design solutions, research new technologies and approaches Plan on how security controls are used (CASB, CSMP, CNAPP, CWPP and so on) and how they are deployed Create security standards and roadmaps, develop recommendations for migrating to future standards. Responsible for the security design, architecture and automation designs of on premise, wide area and Cloud solutions. Partner with vendors to select appropriate technical solutions. Collaborate with stakeholders to develop consensus, drive results, and execute projects across the organization on time and within budget. Manage several simultaneous initiatives from conception through implementation. Contribute to security standards and design patterns. Deliver solutions tailored to internal business requirements. Articulate design rationale, flexibly adapt solutions, and iterate designs when required. Provide 3rd level support and input as required to teams diagnosing reported issues, providing root cause analysis to management and the business teams. Work closely with Senior management, Architecture, Application managers and IT Security, BTE and operations teams. Enhances efficiency via automation when and wherever possible. Cross train other team members on projects, and network technologies. Minimum Skills Minimum Knowledge and Abilities Strong interpersonal skills essential and ability to handle competing priorities. Experience in IT, with experience in system design. Understanding of common information architecture frameworks and information modeling methods. Knowledge of problem analysis, structured analysis and design, and statistical programming languages, and database query language (SQL and NO SQL based). Familiarity with enterprise level business intelligence and data warehousing platforms. Understanding of basic statistics, machine learning algorithms, multivariate calculus and linear algebra. Preferred Qualifications Enterprise securityarchitecture experience in a complex, multi-platform distributed environment Strong experience with On-Prem / Private, Public Cloud network, identity and application security services. Experience and knowledge of security methods and solutions to support: DLP, Encryption, Key Management, Fine Grained Access Control, Audit Trail, Detection, CASB, Micro segmentation, Cybersecurity Mesh, Secure Access Service Edge (SASE) and others. Knowledge of industry security standards and frameworks such as Payment Card Industry (PCI), HIPAA NIST, ISO 27001 and Cybersecurity Framework (CSF). Familiar with principles of cloud security and solutionsincluding native cloud provider security, Office 365 security and Cloud Security Posture Management (CPSM) Specific experience securing Microsoft Azure hosted services. Experience with Identity Management Solutions and leading products in the marketplace. CISSPor equivalent technical certification will be beneficial Experience architecting and implementing network security & QoS technologies. Able to develop opportunities, pitch and deliver security related projects Competencies Delegating Responsibility Driving Projects to Completion Navigating Organizations Communicates Effectively Developing Plans Managing Time Minimum Education Bachelor's degree in computer science, information systems or a related study, or equivalent project-related technical experience. Required Certifications Working Environment Indoor work, operating computer, manual dexterity, talking, hearing, repetitive motion. Use of personal computing equipment, telephone, multi-functioning printer and calculator. Ability to travel to and from meetings, training sessions or other business related events. Physical Demands Exerting up to 10 pounds of force occasionally, and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects, including the human body. Sedentary work involves sitting most of the time. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met. CPS Energy does not discriminate against applicants or employees. CPS Energy is committed to providing equal opportunity in all of its employment practices, including selection, hiring, promotion, transfers and compensation, to all qualified applicants and employees without regard to race, religion, color, sex, sexual orientation, gender identity, national origin, citizenship status, veteran status, pregnancy, age, disability, genetic information or any other protected status. CPS Energy will comply with all laws and regulations. IN_TECH Nearest Major Market: San Antonio Job Segment: Cloud, Developer, Solution Architect, Power Plant Operator, Database, Technology, Energy