Title: Enterprise Cyber Security Solution Architect    
Company: Tampa Electric Company
Location: Ybor Data Center    
State and City: Florida    -  Ybor City
Shift: 8 Hr. X 5 Days  

Hiring Manager: Jason W Sizemore   

Recruiter: Mark E Koener    

TITLE:    Enterprise Cyber Security Solution Architect
PERFORMANCE COACH:    Manager Cyber Protection
COMPANY:    Tampa Electric
DEPARTMENT:    Information Security

POSITION CONCEPT
The Enterprise Cyber Security Solution Architect focuses on implementing safeguards to ensure the delivery of critical infrastructure services and to limit the impact of potential cybersecurity events. Responsible for implementing a robust defense against cyberattacks and ensures the confidentiality, integrity, and availability of an organization’s assets.  Developing and managing the organization’s protection mechanisms to safeguard its critical assets. Responsible for designing and implementing technologies and processes for the following cybersecurity controls: Identity and Access Management (IAM), Data Protection, Application Security, and Infrastructure Security.  Collaborates with other teams such as Technology, Legal, and business to identify and reduce cyber risks and positions the company to comply to laws, regulations, and company policies. Helps the organization protect assets from evolving cyber threats, stay in compliance with regulatory mandates, and foster a cyber risk aware culture. Serves as a solution orientated problem-solver with demonstrated knowledge of information security best practices. Ensures the integrity of the company’s information resources at the network, operating system, and application levels.

PRIMARY DUTIES AND RESPONSIBILITIES 
1.    IAM: Designs, implements, and manages an organization’s privileged access management (PAM), identity governance and administration (IGA), and other IAM systems to ensure secure and controlled access to resources with a focus on protecting data by managing user identities, credentials, and permissions, and ensuring compliance with relevant security standards and regulations. Responsible for continuous improvement and robust support for IAM toolsets and IGA processes. Provide overall direction, guidance, definition, and integration of operational processes of new and existing team members, contractor, and other enterprise identities and associated access. 30%

2.    Data Protection: Designs, implements, and manages data loss prevention (DLP) strategies and technologies to protect sensitive data from unauthorized access, use, or disclosure. Additionally, designs the file integrity monitoring (FIM) architecture, including the choice of FIM tools, agents, monitoring protocols, and baseline creation. Responsible for the deployment and configuration of the FIM solution across the organization’s infrastructure with the intent of protecting critical files and directories from unauthorized modifications. 30%

3.    Application Security: Responsible for the design and implementation of secure applications which include creating secure reference architectures, patterns, and coding guidelines. Collaborate closely with developers to integrate security into the software development lifecycle (SDLC). Educate team members on secure coding practices and other security policies. Develop and maintain security policies and procedures that ensure the organization’s applications are secure and compliant with industry standards and regulatory requirements. 20%

4.    Infrastructure Security: Responsible for ensuring the security of various aspects of the infrastructure, including network security, system security, and application security. Collaborate closely with owners of security controls such as firewalls, intrusion detection systems, VPNs, etc. to ensure security policies and standards are followed and consistently enforced throughout the organization.  Identify and mitigate security vulnerabilities, develop and enforce security policies, and respond to security incidents. 20%

RELATIONSHIPS
Key Internal:    Will engage multiple Information Technology (IT) groups and business units.  Interactive engagement will require communication with individual contributors, middle management, and executive management.

Key External:    Will engage external contacts including vendors, contractors, regulatory agencies, industry associations, and other utility partners.
        

QUALIFICATIONS
Education
Required:    Bachelor’s Degree in Cybersecurity, Computer Science, Information Systems or other IT or Engineering related field. 

Preferred:    Master’s Degree in Cybersecurity, Computer Science, Information Systems or other IT or Engineering related field.

Licenses/Certifications
Required:    From the list of certification vendors, two related Information Security professional certification or ability to obtain via self-study within one year of hire date (ex: (ISC)2, GIAC, ISACA, CompTIA, e-Council, etc.).

Preferred:    ITIL v3 and three or more of the following or similar Information Security professional certifications (ex: ACE, CCE, CEH, CISA, CISM, CISSP, CRISC, EnCE, GCCC, GCDA, GCED, GCFA, GCFE, GCIA, GCIH, GCWN, GICSP, GMON, GNFA, GPEN, GPPA, GREM, GWAPT, GXPN, OSCP, SSCP).

Related Experience 
Required:    8 years of related Cyber Security or IT experience (Information Systems Audit or Assessor role, Information Security role, systems management, systems administration, information systems security, system certification, risk analysis) with a focus on DLP and/or FIM solutions and security controls.  

May consider a degree in lieu of experience.  An Associates degree in Computer Science, Information Systems or other IT related discipline and 6 years of experience or a Bachelors in Computer Science, Information Systems or other IT related discipline and 3 years of experience.

Knowledge/Skills/Abilities (KSA) 
Required:    
•    Possess an expert level of knowledge in the discipline of cybersecurity as well as a high level of competency in architecture, methodologies, and best practices for IAM, Data Protection, and Application and Infrastructure Security concepts, strategies, standards, functions, capabilities, and technologies.
•    A solid understanding of fundamental principles of cybersecurity, including threat landscape, vulnerabilities, and risk management.
•    Significant high-level system/security engineering experience with broad knowledge across many technologies.
•    Knowledge of systems security engineering (SSE) principles and practices.
•    Knowledge of secure software deployment principles and practices.
•    Knowledge of data classification tools and techniques.
•    Knowledge of enterprise architecture (EA) reference models, frameworks, principles, and practices.
•    Knowledge of the Open Systems Interconnect (OSI) reference model.
•    Knowledge of configuration management tools and techniques.
•    Knowledge of Confidentiality, Integrity, Availability, Authenticity, and Non-repudiation (CIAAN) principles and practices.
•    Familiarity with relevant security standards and frameworks such as NIST Special Publication 800-53, ISO 27001, and others depending on the industry.
•    Knowledge of applicable laws and regulations governing information security, privacy, and data protection.
•    Understanding of information technology systems, network architecture, and common technologies to assess security controls effectively.
•    Knowledge of security control frameworks and their implementation, including access controls, encryption, and incident response.
•    Knowledge of advanced cybersecurity tools and platforms, such as SIEM, IDS/IPS, endpoint protection, and threat intelligence solutions, for effective risk analysis and mitigation. 
•    Ability to conduct comprehensive risk assessments, identifying and analyzing security risks to information systems.
•    Technical skills to assess security controls, perform vulnerability assessments, and understand the technical aspects of security implementations.
•    Strong communication skills to effectively convey assessment findings, risks, and recommendations to technical and non-technical stakeholders.
•    Ability to create clear and detailed documentation, including assessment plans, reports, and recommendations.
•    Critical thinking and problem-solving skills to analyze complex security issues and recommend appropriate solutions.
•    Keen eye for detail to identify vulnerabilities, weaknesses, and discrepancies in security controls and documentation.
•    Ability to adapt to evolving cybersecurity threats, technologies, and regulatory requirements.
•    Ability to analyze complex datasets and identify trends and patterns that could indicate cybersecurity risks or vulnerabilities.
•    Adherence to ethical standards and professionalism, as SCAs often have access to sensitive information and play a critical role in maintaining the integrity of security assessments.
•    Collaboration with various stakeholders, including system owners, security teams, and management, to ensure a comprehensive understanding of the information system and its security controls.
•    Commitment to continuous learning and staying updated on the latest. 

TECO offers a competitive Benefits package!!

Competitive Salary *401k Savings plan w/ company matching * Pension plan * Paid time off* Paid Holiday time * Medical, Prescription Drug, & Dental Coverage  *Tuition Assistance Program * Employee Assistance Program * Wellness Programs * On-site Fitness Centers * Bonus Plan and more!