Security Architect

At Sylvamo, we’re a team on a mission. Joining us, you’ll be helping to sustain forests and renew ecosystems, while delivering on the promise of paper to educate, communicate and entertain the world. Come grow with us WHO WE ARE AND WHAT YOU WILL DO The Security Architect position is part of the Global Information Security (GIS) organization within Information Technology. The position has global responsibility for developing and sustaining the secure architecture and design of IP’s IT infrastructure. The key actions, outputs, deliverables, products and Services include: - Oversee security risk assessments and project security reviews for all IT projects to maintain alignment with Global Information Security policies and standards. Propose needed security controls. - Consult on projects that need security technical expertise to maximize their success and achieve Security approval for project state changes. - Perform high-level security analysis and consulting for manufacturing operational technologies. - Provide technical expertise on Azure Security (AD, Security Center, O365 security) - Provide technical expertise on Network Security standards and architecture - Lead technical projects aligned with the security program and vision. - Communicate and coordinate with other architecture groups and business units. - Develop high-level strategic plans and roadmaps. - Develop long-term threat horizons and roadmaps. - Research and write GIS Technical Security Standards, Guidelines and review policies for all areas of Information Security. - Provide technical expertise as part of Cyber Incident Response. The key Accountabilities (outcomes) and Actions of this position include: - Security Architecture services on all IT technologies and services (end-to-end). - Provide security consulting and design support on all of Sylvamo’s IT tools, policies, and processes globally. This includes security testing to ensure compliance with security regulatory guidelines and industry best practices. - Develop security guidelines and standards for the secure enablement of IT systems and processes in accordance with security policies. - Advise and educate on security risks and issues at all levels of the organization - Develop and mature Cyber Security Metrics - Strategy and Innovation Leadership - Provide strategic direction relative to the implementation/use of IS technologies and solutions at Sylvamo. - Understand the implications of GIS processes technology enablement across geographic and language boundaries. - Leverage knowledge of Cyber Landscape and current Cyber risks to optimize vendor landscape and Security budget while reducing risks to Sylvamo. WHO YOU ARE AND WHAT YOU WILL NEED (KNOWLEDGE AND EXPERIENCE) - Bachelor Degree in Information Technology, Computer Science or a related discipline or equivalent work experience - 7+ years of IT work experience - 5+ years of Information Security experience - 4+ years IT business analysis and design experience with exposure to customers. - 2+ years of Cloud Security experience (Azure and/or AWS and/or Google Cloud) - Proven leadership skills with the ability to manage conflict, deal with ambiguity, negotiate and make timely decisions. - Ability to analyze new IT solutions, identify potential security concerns, develop approaches that can be used to mitigate identified risks, and work with team members to implement recommendations. - Experience conducting vulnerability and penetration scans - Excellent communication skills with demonstrated ability to write clear, concise business communication for multiple levels (management, technical, and user). - Security Certification desired: CISSP, CISM, GIAC or CISA. - Knowledge and understanding of Operational Technology and SCADA network and design principles. - Minimal Travel (< 10%); Minimal lifting / physical requirements **The information necessary in the recruitment process is**: name, surname, contact details, education, previous employment record and qualifications. Any supplementary information you provide is processed on the basis of your consent.