Sr Principal - Enterprise Security Architect

The Sr. Principal - Enterprise Security Architect will serve as a primary subject matter expert for cybersecurity architecture, you will report to the Sr. Director of Information Security, integrating cross-functionally with our Enterprise Architecture group, multiple IT teams, and business segments. The enterprise security architect is responsible for designing, implementing, and maintaining the security architecture of the organization's IT systems and networks. The senior enterprise security architect works closely with the IT leadership, business stakeholders, and security teams to ensure that the security architecture aligns with the business objectives, regulatory requirements, and industry best practices. The senior enterprise security architect also provides guidance, mentoring, and training to other security professionals and IT staff on security architecture principles and practices.

Core Responsibilities:

Develop and implement principles of secure design within the architecture framework, policies, and standards of the company across business segments, functions, and IT
Establish reference cybersecurity (Target, Reference, and Solution) architectures that can be leveraged for scale and decentralized deployments spanning multi-cloud hosting, SaaS interconnect, Application configuration, OT/manufacturing, and/or enterprise environments
Serve as a Cyber Security subject matter expert and provide architecture guidance across cybersecurity functional areas, which may include Network, Endpoints, Internet / SSE, Cloud, Identity & Access Management, Active Directory and AAD, PAM, Remote Access, Data protection, Logging, Applications & APIs, Operational Manufacturing and IoT Security, to name a few
Facilitate communication with cross-functional groups to help gather requirements and drive sustainable solutions to completion
Providing committee security review over proposed designs, as well as the tracking, & resolution of action items assigned during design reviews.
Conduct proof of concept activities with key business users in support of advanced use cases
Be a champion and advocate of cybersecurity within the company
Researches current security threats, techniques, and landscapes
Conduct security architecture reviews and assessments of existing and proposed IT systems and networks, including cloud-based and hybrid environments
Evaluates secure design strategies to identify and recommend improvements to potential security design problems.
Creates, analyzes and revises existing system logic and documentation
Identify gaps/opportunities for enhancements to workflows and processes for enhancing the detection and response lifecycle.
Acts as a technical or security advisor in our risk management processes.
Identify and evaluate security risks and recommend appropriate security controls and solutions, taking into account the trade-offs between security, usability, and cost
Design and implement security solutions for complex and critical IT projects and initiatives, such as cloud migration, digital transformation, and business continuity
Monitor and evaluate the effectiveness and performance of the security architecture and solutions, using metrics, audits, and feedback mechanisms
Research and stay updated on the latest security trends, threats, and technologies, and incorporate them into the security architecture as appropriate
Requirements

Minimum 7 years of experience in enterprise security architecture or a related field.
5+ years' experience in Information Security, including experience with security principles, and defense-in-depth techniques.
Bachelors' degree or equivalent experience.
Current holder of CISSP, or other industry certifications
Proven experience in designing, implementing, and maintaining secure network architectures.
In-depth knowledge of security principles, frameworks, and methodologies (e.g., NIST Cybersecurity Framework, CIS Controls).
Experience in a cloud computing environment (e.g., AWS, Azure, GCP).
Strong understanding of network security technologies (e.g., firewalls, intrusion detection/prevention systems, data encryption).
Excellent communication, collaboration, and interpersonal skills.
Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
Ability to translate complex technical concepts into clear and concise language for both technical and non-technical audiences.
A proactive and results-oriented approach with a strong work ethic.
Practical experience of defensive and offensive security measures.
Strong functional understanding of computer networking, building of networks, and all associated components.
Practical experience leading, documenting and improving security through threat modeling .
Multiple years of experience in information systems with experience in designing, development and support of complex systems and solutions.
Practical experience implementing controls supporting NIST, ISO, or other industry standards.
Ability to set and manage priorities judiciously.
Ability to present ideas in business-friendly and user-friendly language.

Preferred Qualifications:

SAP Experience
Security project management experience preferred but not required
Azure Solutions Architect
Azure Security Engineer Associate
Network Experience, Big Data Analytics, Emerging Tech
knowledge of IAM principles and practices

Relocation Available?

No

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Ingredion provides accommodations to job applicants with disabilities throughout the hiring process. If a job applicant requires an accommodation during the application process or through the selection process, we will work with the applicant to meet the job applicant's accommodation needs.

We are an equal opportunity employer and value diversity at our company. Ingredion seeks to provide a work environment that is free from harassment and discrimination. We will not tolerate any form of discrimination based on race, color, religion, age, gender, gender identity, gender expression, national origin, ancestry, handicap or disability-mental or physical-marital status, sexual orientation, veteran status, disability resulting from military service, or any other classification protected by law ("protected classifications"). We are committed to establishing and maintaining a work environment where everyone is treated with dignity and respect.

Relocation Available:
No