This job posting is no longer active.
Description
• Develop and maintain security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations • Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts • Participate in application and infrastructure projects to provide security-planning advice • Conduct or facilitate threat modeling of services and applications that tie to the risk and data associated with the service or application • Ensure a complete, accurate and valid inventory of all systems, infrastructure and applications that should be logged by the security information and event management (SIEM) or log management tool • Establish a taxonomy of indicators of compromise (IOCs) and share this detail with other security colleagues, including the security operations center (SOC), information security managers and DT Enterprise Architects • Review security technologies, tools and services, and make recommendations to the broader security team for their use, based on security, financial and operational metrics • Collaborate with DT Smart Home, Product Security Managers and teams to assess the security of operational technology (OT) and Internet of Things (IoT) systems • Liaise with the internal audit (IA) team and Security Governance Manager to review and evaluate the design and operational effectiveness of security-related controls • Architecting and designing IAM technology such as federation (SAML, OAuth, OpenID Connect), Multi factor Authentication (MFA), Single Sign On (SSO), Active Directory, API gateway access control, identity governance & administration. •The enterprise security architect will be expected to draft project plans for security service and technology deployments and coordinate with stakeholders across the organization. • Provide technical guidance and foster a collective understanding of data flows and security issues encountered in cloud applications and services • Staying abreast of changes in vendor landscape and providing guidance regarding cloud service offerings. • Lead Cloud Security DevOps with different scrum teams and plan user stories for sprints while addressing requirements and orchestrating security impact • Provide expert knowledge of cloud security architecture and consult with business and other technology teams to address complex application needs • Work closely with development teams on Infrastructure as Code, Automation, and Orchestration • Provide Security posture and best practices for deploying web and service-based applications in Windows/Linux environments using containers • Review network segmentation to ensure least privilege for network access • Validate security configurations and access to security infrastructure tools, including firewalls, proxies, IPSs, and WAFs • Design (and provision) network security policies and controls and dynamic routing • Design (and provision) VLANs and Isolated L3 networks compliant with required Zero Trust Principals • Strong experience with Directories, SSO, Federation, Delegated administration, API gateways, SOA services.
• Bachelor's or master's degree in computer science, information systems, cybersecurity, or a related field. • 5 - 7 years' experience architecting solutions • 5 - 7 years' experience in Information Security • CISSP - Certified Information Systems Security Professional • Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services • Possess significant breadth across other disciplines (e. g., enterprise security architecture, compute services, storage, large-scale networking, virtualization, data center, integration architecture (API), orchestration technologies (Openstack/Cisco), systems resiliency, service support, application development lifecycle management (DevOps), and service delivery). • Direct experience designing IAM technologies and services: • Strong working knowledge of IT service management (e.g., ITIL-related disciplines): • Be a strong technologist with pragmatic view and creative mind, and a natural collaborator with line of business security architects, engineers, developers, application owners, service providers, and senior management. • Experience working with cloud security management / governance tools, Cloud Access Security Brokers (CASB), cloud services and 3rd party hosted services, and server virtualization products and technologies. • Experience with one or more general purpose programming languages including but not limited to: Java, C/C++, C#, Objective C, Python, JavaScript. • Excellent command of Cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies • Hands-on experience as an engineer or architect with public cloud technologies to include Amazon Web Services (AWS) and Microsoft Azure Cloud Platforms. • Proven experience securing cloud software, platforms and/or infrastructures. • Experience designing cloud security solutions, including creating artifacts, models, and strategy presentations.
GE Appliances is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.