Job Overview:
In this exciting role, you will be developing and maintaining a 5-year roadmap covering all cyber security domains including defense-in-depth, network security, identity and access management, cloud security, data security, application security, cyber security analytics, endpoint security, security orchestration and automated response (SOAR), and compliance. This involves monitoring & tracking cyber security vendor/partner/MSSP ecosystem and identify opportunities to PoC/trial innovative new solutions that can further Sobeys interests.
What you’ll do:
- Monitor & track regulatory and industry developments around cyber security and privacy
- Prepare position papers for business opportunities
- Work with Enterprise Architects and other IT leads to ensure security and privacy are built into the technology roadmap
- Ability to analyze project, program and portfolio needs, as well as to determine the resources needed to achieve objectives and overcome cross-functional barriers
- Define principles to guide solution decisions for the enterprise
- Work closely with legal/chief privacy officer, enterprise risk management, and internal audit to progress the roadmap on enterprise security controls
- Define models, including solution patterns, to guide IT solution decisions for the enterprise
- Collaborate on the implementation of EA through the organization; align on EA best practices, processes, and templates
- Work closely with business units (Marketing, Finance, Operations, etc.) to understand short- and long-term security and privacy requirements
- Able to communicate between cross-functional teams:
What you’ll have:
- Adept in threat risk modelling and attack surface assessments
- Thorough understanding industry frameworks and standards including NIST, ISO, COBIT, PCI, etc.
- 2+ year as an Enterprise Architect or Solution Architect
- Ability to effectively research emerging technologies and trends, standards, and products
- Undergraduate degree in computer science or engineering
- Minimum 10 years progressive work experience in Information Technology
- Minimum 5 years of technical experience in cyber security
- Ability to balance short-term results with long-term needs and to offer incremental approaches to achieve strategic objectives
- Experience in security and privacy impact assessment for very large and complex architectures, desired