Apply for this job now

Security Architect - IT

Location
Winston Salem, North Carolina
Job Type
Permanent
Posted
1 Sep 2022
7412BR

PRS Facility Location:

Winston Salem, NC - 329

Job Purpose:

Information Security is embedded in everything we do at Progress Rail, from the core IT systems used by thousands of Progress Rail employees and business partners deployed on premise or within a cloud provider to the products and machinery that we sell to our customers. Cybersecurity has evolved to be a key consideration in nearly every aspect of our business, and we are seeking the right talent to join the Progress Rail organization to provide strong information security leadership.

The Security Engineer works with systems and software engineers supporting the development of the hardware and software for our products to ensure security is embedded into the design and lifecycle of the solution. Hybrid, and On-Prem infrastructure for internal and client stakeholders. As a Security Engineer, you will implement effective and secure solutions, as well as monitor for compliance with internal controls and regulatory obligations, and proactively identify areas for improvement. The focus will be to ensure that all systems are designed to secure standards, monitored for adherence to standards, and state reported to leadership. This position will report to the Director IT Security.

Req ID:

7412BR

Company Description:

Progress Rail, a Caterpillar company, is an integrated rolling stock and infrastructure provider, delivering a full range of products and services to domestic and international railroad customers. Our customers enjoy one-stop shopping and comprehensive cradle-to-grave railway solutions - whether it rolls on the rail or is the rail itself. From locomotives, transit, freight cars and engines, to tracks, signals and advanced technology, we ensure customers can count on us to meet all their rail needs.

Forging the bridge between ideas and success, our talented and innovative team members work together to address the challenges of the rail industry today, ensuring success for the future. As part of a vibrant, global network of business operations, each and every member of our team is important to our success. With headquarters in Albertville, Ala., more than 7,000 dedicated employees serve customers through a network of close to 150 locations around the world. For more information, visit and follow on Twitter and YouTube.

Education / Training:

• Bachelor s degree in Computer Science, Information Security, or a related field.

Job Title:

Security Architect - IT

City:

Winston Salem

Key Job Elements:

The Security Engineer shall have significant working experience, knowledge and accreditation in the design, implementation and operation of security programs and controls that span following areas:

• Infrastructure Security: Experience with the integration of common infrastructure security technologies and solutions into business solution architectures including the integration of identity & access management, intrusion detection and prevention, security monitoring, and data encryption solutions;

• IoT Security: Understanding of requirements and methods of developing and securing remotely connected devices;

• Information Security Standards and Frameworks: Knowledge of common information security standards such as: ISO 27001/27002, NIST CSF, CSA and CIS Controls;

• Cloud Security: Technical understanding of virtualization, cloud infrastructure, and public cloud offerings and experience designing security configuration and controls within cloud-based solutions.

Additional duties and responsibilities:

• Understand the security requirements of rail and similar industries and apply understanding to support the development of new products as well as security management of legacy products;

• Provide input to industry committees supporting the development of standards;

• Develop threat models and perform security reviews;

• Apply threat modeling techniques to evaluate risks and threats to systems;

• Support communication of analysis to internal and external customers technology;

• Formulate security architecture recommendations;

• Continuously identify gaps in security program coverage;

• Liaise with the vendor management teams to conduct security assessments of existing and prospective vendors;

• Develop and enhance information security documentation, such as policies, standards, and procedures;

• Familiarity with the following regulatory and control frameworks: ISO 27001, ISO 27002, NIST 800 series publications, IEC 62443, CIS and similar;

• Establish appropriate logging and monitoring of threat activity;

• Coordinate response to security incidents, including the possibility for discussion of the event with customers and partners;

• Experience in analyzing data and providing metrics, technical diagrams, topology maps, reports and presentations.

Qualifications and Experience:

Required:

• 5 or more years in the IT architecture or information security field with progressing levels of enterprise level accountability;

• Professional certification in an information security field relevant to security engineering/architecture (e.g. GIAC, ISC2);

• Demonstrated ability in project management and change management;

• Excellent written and verbal communications/presentation skills;

• Experience with cybersecurity threat models and risk mitigation/remediation techniques.

Preferred:

• Experience in rail or air or other transportation industries;

• Operational Security: Experience with defining and monitoring operational models and procedures for business solutions including the administration and maintenance of infrastructure and application security controls;

• Software development Methodologies: Understanding of software development methodologies as and application of security practices in development processes. Focus on security-as-code and continuous compliance practices;

• Application Security: Experience with the design of security controls for business solutions including the design of application-level access and entitlement management, data tenancy and isolation, encryption, and logging.

EEO:

Equal Opportunity Employer - Race/Color/Sex/Religion/National Origin/Sexual Orientation/Gender Identity/Vets/Disabilities

Benefits:

Progress Rail Services Corporation and its subsidiary and affiliate companies offer an excellent total compensation package including competitive salary, 401(k) plan with company match, available medical/dental/vision/life/disability insurance along with flexible spending and paid vacation and holidays. Relocation assistance may be available for some positions.

Benefits eligibility differs by job position and employment status - governing plan documents control such benefits..

Job Category:

Information Technology

Work Location Options:

Fort Worth, TX; LaGrange, IL; Winston Salem, NC or Guntersville, AL

State::

North Carolina
Apply for this job now

Details

  • Job Reference: 700990305-2
  • Date Posted: 1 September 2022
  • Recruiter: Progress Rail Services Corp.
  • Location: Winston Salem, North Carolina
  • Salary: On Application
  • Sector: I.T. & Communications
  • Job Type: Permanent