National Grid Lead Security Architect in Waltham, Massachusetts
Join National Grid’s digital transformation ! We are digital creators, continuous learners and daring innovators. We leverage digital innovative ways to create products and catalyze the transformation of National Grid's business units into more agile and digitally native organizations in our shared purpose of bringing energy to life. Come and join us on this incredible journey, We need you! (https://www.youtube.com/watch?v=8aXvnvdoZHI)
We want to find a highly motivated, innovative, and experienced Lead Security Architect keen to join our fast-paced Business Cyber Security team in Waltham, MA! (Candidates may also reside in either, Connecticut, New York, New Jersey, New Hampshire, Pennsylvania, Rhode Island, Vermont, or Maine) . If you yearn to be innovative and contribute new ideas and play a critical part in the US Customer Security Organization, we want to hear from you!
What you'll do
As a Security Architect, you'll serve as a security lead and an expert in many areas of security, describing in business terms the impact of security policies, standards, and architecture on the business. You'll provide security direction to programs and projects based on business requirements and focus areas. You'll interpret high level business requirements and communicate them to highly technical security engineers; conversely, you should also be able to articulate highly technical issues to a non-technical business audience. You'll provide security design and requirements guidance, and ensure that the delivered solution is fit for purpose and effective when transitioned into service. You'll identify security services to be integrated into the overall solution and work with the security domain engineering teams to ensure the implementation of the services. Key responsibilities include the following:
Drive security requirements, architectures, patterns, and approaches within the product operating model ensuring solutions are secure by design
Work closely with project teams and architects to advise on security matters, provide technical security input, refine designs, and ensure regulatory standards are met
Ensure encryption, tokenization, and anonymization techniques are leveraged to protect sensitive data at rest and in transit.
Evaluate legacy systems for security vulnerabilities and drive necessary updates to ensure their compatibility with current security standards.
Remove impediments for the successful integration of security services
Interface with non-technical business stakeholders to communicate and prioritize security risks
Ensure that key risks and issues are identified, addressed, and resolved in a manner that satisfies the business risk appetite.
Ensure residual risk is captured with remediation plans and that owners are identified and accept the risks.
What you'll need
Security Technology & Services knowledge
Strong background in defining security requirements across network, database, operating system, and application domains.
Strong knowledge of data and information flows, governance, and network protocols.
Broad knowledge of security solutions including IDS/IPS, secure remote access, firewalls, encryption, secure protocols, data protection, data loss prevention and identity management.
Experience with cloud security solutions and controls, especially in Azure
Good understanding of security testing processes: SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), Vulnerability Assessments, DevSecOps pipeline, penetration testing, etc.
Knowledge of security hardening techniques and policy development, particularly operating system hardening (e.g., Windows, UNIX, Oracle).
Knowledge of integration with Security Orchestration, Automation & Response (SOAR) solutions, or working within a system monitoring environment.
Project Engagement experience
Experience incorporating security controls at each stage of the software development lifecycle.
Experience of designing and managing security controls within service providers and the cloud.
Experience with Agile projects and a Product Operating Model approach.
Familiar with contract management, ensuring security controls are referenced in agreements.
Collaborative Working skills
Effective communication (written and verbal), leadership and partnering skills.
Able to demonstrate a high degree of credibility and influence senior stakeholders within the organization.
Prepared to challenge the program and IT colleagues and have the “difficult conversations” where needed in the interests of National Grid
Able to operate as a highly independent worker and as part of a strong team, taking a collaborative approach.
Motivated to freely share knowledge, educate, and inform.
It would be awesome if you had
Educated to degree level (or equivalent combination of education and experience).
Information Security Certifications/Qualifications such as CISSP and MSc Information Security
What you'll get
Consistent growth potential through company leadership programs
Competitive compensation package including robust benefits with a yearly bonus
Numerous wellness programs
A multitude of company-endorsed community programs to participate in
Are you the right fit for this exciting role? You want to learn more about the position and National Grid's ambitious Digital Transformation? Then let's chat!
Our organization follows a hybrid work structure in our service territory (NY & MA and adjacent states) where employees can work remotely or from the office, as needed. Working from the office is encouraged when working on tasks that require a high degree of collaboration. We work with our employees to foster a work schedule that fits your flexible schedule.
At National Grid , we keep the lights on and homes warm. But it’s so much more than that. We keep people connected and society moving. This is no easy feat, and it takes all of us. But National Grid supplies us with the environment to make it happen. As we generate momentum in the energy transition for all, we don’t plan on leaving any of our customers in the dark. But we aren’t looking for external recognition – we already what we do is vital. We’re building a clean, fair and affordable energy future.
$116,000 - $150,000 a year
Please be advised that due to the nature of this position, incumbents are subject to federal Drug & Alcohol safety regulations governing US Department of Transportation ("DOT") covered positions, including the Federal Motor Carrier Safety Administration (FMCSA) and Pipeline Hazardous Material Safety Administration (PHMSA). As such, the Company’s testing programs and policies regarding the use of federally prohibited drugs or alcohol, for recreational or medical purposes, will remain in effect for these safety-sensitive, DOT covered positions.
This position has a career path which provides for advancement opportunities within and across bands as you develop and evolve in the position; gaining experience, expertise and acquiring and applying technical skills. Candidates will be assessed and provided offers against the minimum qualifications of this role and their individual experience.
National Grid is an equal opportunity employer that values a broad diversity of talent, knowledge, experience and expertise. We foster a culture of inclusion that drives employee engagement to deliver superior performance to the communities we serve. National Grid is proud to be an affirmative action employer. We encourage minorities, women, individuals with disabilities and protected veterans to join the National Grid team.