
IT Manager, Security Architecture and Strategy
- Berlin, CT
- Permanent
- Full-time
The Manager of Security Architecture and Strategy is responsible for leading a high-performing team of over 10 security architects to design, implement, and maintain the enterprise’s security architecture. This leader will set the vision, strategy, and roadmap for security architecture across the organization, ensuring alignment with business objectives and compliance requirements. The role requires a proven track record in both security architecture and leadership, with the ability to partner effectively across IT, business units, and executive leadership. The ideal candidate will be decisive, strategic, and collaborative, with the ability to set clear priorities and drive measurable improvements to the organization’s security posture.
Essential Functions:
- Lead, mentor, and develop a team of 10+ security architects, fostering a culture of problem solving, partnership, and accountability
- Partner with business, IT leaders, and project teams to design secure solutions from the start
- Ensure architecture standards and security policies are enforced across projects and programs.
- Ensure security architecture aligns with industry best practices, regulatory requirements, and emerging threats
- Develops Eversource Security Standards and ensures alignment with Eversource Enterprise Architecture and Solution Architecture teams accordingly
- Serve as a trusted advisor to senior leadership on security architecture and risk-related decisions
- Champion the adoption of innovative security solutions that improve efficiency and protection
- Continuously assess and improve security architecture processes and practices
- Ability to anticipate and respond to changing priorities and operate effectively in a dynamic demand-based environment, requiring extreme flexibility and responsiveness.
- When Eversource security standards cannot be met, works with business to document policy exceptions in GRC (Governance Risk & Compliance) tool.
- Produces high quality oral and written work, presenting complex technical matters clearly and concisely with audiences ranging from peers to Senior Management.
- Recommends effective process changes to enhance defense and response procedures.
- Assists with annual SOX, CIP and SOC assessment and related remediation efforts.
- Must have an extensive understanding of IT Security standards and solutions, Application Security (Secure SDLC including agile) and underlying principles of networking, infrastructure and system integration.
- Must be familiar with current and proposed laws, regulations, industry standards, and ethical requirements related to information security and privacy.
- Must have experience in cloud technologies including Azure.
- Knowledge of Operational Technology and NERC CIP desired
- Bachelor’s degree in Information Systems, related technical field or equivalent experience
- 10+ years of experience in information security, with at least 2 years in a lead role within a security or security architecture team.
- Strong working knowledge of information systems security standards and practices.
- Experience with one or more of the following: security monitoring, database security, policy and procedure, Active Directory, cryptography/PKI, application security, secure SDLC, risk assessments, security awareness, or related information security subject area.
- Degree in Information Security or security certification preferred.
- Must be available to work emergency storm assignment as required.
- Must be available to travel between MA/CT/NH as necessary.
- Must be able to multi-task