Overview
Security Architect Jobs in Louisville, Kentucky, USA at Heaven Hill Brands
Title: Security Architect
Company: Heaven Hill Brands
Location: Louisville, Kentucky, USA
Type: Full Time
Category: IT/Tech, Security
This role is office hybrid and based in Louisville, Kentucky.
What the Role Is
The Security Architect will be the lead information security technologist for Heaven Hill. This position will be responsible for assessment of information security risks and threats, security technology architecture, development and execution of roadmaps to reduce risks to acceptable levels and close gaps to desired maturity states, leading cyber incident response and recovery, and driving continuous improvement of security operations.
This position will be responsible for leading the information security team and will report to the Director of Technology Services, who will be the overall owner of the information security function.
How You Will Spend Your Time?
Develop and implement security capabilities, technology, and process roadmaps for both Enterprise and OT security to achieve short-term and long-term objectives
Develop and enhance security policies and standards, based on sound security and architecture practices
Lead an appropriate and effective response and restoration process in the case of any security event
Ensure capability of business restoration to required objectives in the case of a breach or intrusion and resulting loss of data or access to systems and data
Consult, advise and oversee the secure design of key IT system and infrastructure projects to ensure alignment with enterprise security architecture in collaboration with other business and IT stakeholders
Identify, establish and monitor appropriate metrics and leading and lagging indicators of security performance and capabilities
Lead vulnerability and security maturity assessments, and gap closure plans and execution
Coordinate, review and implement actions to maintain compliance with regulatory, insurance and security requirements
Identify unacceptable 3rd and 4th party risks and exposures and define and implement actions necessary; monitor ongoing performance to reduce these risks to acceptable levels
Maintain a thorough understanding of security threats and attacks to identify potential vulnerabilities along with their appropriate remediations
Monitor the environment (e.g., network, systems, end points) for security breaches, malware, and loss of data
Conduct regular system tests and ensure continuous monitoring of network security
Who You Are…
Bachelor’s degree in computer science, information systems, engineering or related degree;
Advanced degree preferred
Minimum 5 years of experience in the following areas:
Information Security Architecture and Engineering, Risk Management, Endpoint Security, Network Security, Identity and Access Management, Security Assessment and Testing and Security Operations required
Robust experience in Information Security domains, including experience within security functions of a global enterprise level entity required.
Current information security certifications, such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)
Knowledgeable in security concepts and practices (e.g., IAM, Mesh architecture, zero trust, NIST CSF, MITRE ATT&CK)
Experience with common industry enterprise class products and services for information security
Experience with networking (e.g., DNS, routing, PKI, certificate management, IDS, IPS, scanning, firewalls, segmentation and microsegmentation)
Experience and understanding of standard IT m…