Cyber Security Architect - SR (Hybrid)

At ERCOT, our diverse and dynamic work environment provides a platform on which employees can work together to build the future of the Texas power grid and wholesale market utilizing the latest technologies and resources. We encourage you to join our talented, dedicated workforce to develop world-class solutions for today and tomorrow's energy challenges while learning new skills and growing your career.

ERCOT is committed to fostering diversity and inclusion at all levels of our company. It is the cornerstone of our corporate values of accountability, leadership, innovation, trust, and expertise. We accept and celebrate those that join us and recognize that individuals with a wide variety of talents, ideas, and experiences propel the innovation that drives our success. A diverse and inclusive workforce strengthens us and allows for a collaborative environment to solve the challenges that face our industry today and in the future.

ERCOT offers the flexibility to work both in and out of the office within the state of Texas, providing our employees with an enhanced work life balance.

JOB SUMMARY

Develops and executes architecture strategy and support strategic system development initiatives. Provides design recommendations. Develops enterprise level solutions and evaluates proposed system and application architectures. Reviews requests for firewall changes and evaluates third party vendors. Participates in project meetings and provides guidance.

JOB DUTIES

• Understands and applies principles, theories and concepts related to the profession and ERCOT's culture.

• Exercises judgment within defined procedures and practices to determine appropriate action.

• Impact is generally limited to specific assignments or projects.

• May respond to inquiries and/or provide guidance to lower-level workers.

ADDITIONAL JOB DUTIES

Level 2

• Represents the Cyber Security Department by providing expert technical and architecture consulting on security requirements

• Analyzes complex systems architecture (application, network, system, and database, process) to identify design gaps and recommend security enhancements

• Understands current as well as emerging security threats and design security architecture to mitigate threats where possible

• Works with project stakeholders to identify appropriate security requirements, engineer practical security solutions and implement measurable security guidelines

• Works with project managers and stakeholders to develop practical, effective implementation plans with measurable project milestones for all security solutions

• Reviews current security policy and standards to ensure technical security requirements, guidelines and best practices are communicated and put into practice for each assigned project

• Supports stakeholders across the organization as a technical expert on information security architecture.

• Ensures the design of business solutions meets security mandates.

• Analyzes complex projects to identify potential vulnerabilities, security control points, and risk mitigation measures to ensure compliance with Security Policy, Standards, and technical security requirements.

• Securely achieves the functional requirements of business initiatives.

• Consults on projects to provide security expertise on how to implement best security practices for application, database, and system technologies

• Supports cloud adoption of ERCOT applications as they are being transformed and/or modernized

Knowledge of:

• Application Security (SDLC, CI/CD, DevSecOps, OWASP etc.)

• access authentication methods

• computer algorithms

• cryptology

• database systems

• embedded systems

• encryption algorithms (e.g., IPSEC, AES, GRE, IKE, MD5, SHA, 3DES)

• fault tolerance

• network design

• traffic flows across the network (e.g., Transmission Control Protocol (TCP) and Internet Protocol (IP), Open System Interconnection Model (OSI), Information Technology Infrastructure Library, v3 (ITIL)

• Interfaces between applications - that is: events, messages, and data flows

• Data classifications, Databases and supporting data models

• Hardware, platforms, hosting: servers, network components and devices

• Local and wide area networks, Internet connectivity diagrams, Networking concepts

• Cloud computing concepts, architectures, and technologies. Cloud platforms such as AWS, Azure or Google Cloud.

Level Senior and Lead - Above +

• Develops the ERCOT Cyber security Architecture Strategy including ERCOT Cloud Strategy

• Serves as the information security subject matter expert, providing advisory and consulting service and functioning as a high-level security consultant to all projects and provide security expertise on how to implement best security practices for application, database, and system technologies

• Partners with stakeholders across the organization to securely achieve the functional requirements of business initiatives as the technical expert on information security architecture

• Works on the most complex issues where analysis of situations requires an in-depth evaluation of variable factors. Has the ability to resolve complex issues in creative and effective ways

• Maintains knowledge of emerging trends and industry best practices

• Leads projects or provides guidance to and coordinates activities of other workers

• Experience designing and implementing security solutions

• Demonstrated superior knowledge of security principles and technologies

• Designs and secure architecture for ERCOT's cloud platforms

EXPERIENCE REQUIRED

Security Architect Level 2 requirements:

• Requires minimum 2 years related work experience in excess of degree requirements

Senior Security Architect requirements:

• Requires minimum 5 years related work experience in excess of degree requirements

EDUCATION

• Bachelor's Degree: Cybersecurity, Computer Science, MIS or related field (Preferred)
• Master's Degree: Cybersecurity, Computer Science, MIS or related field (Preferred)
• or a combination of education and experience that provides equivalent knowledge to a major in such fields is preferred

Certifications (all levels)

• CISSP, CISM, CISA, CCSP, ISSAP, SANS GIAC, AWS, Azure or other security certifications (Preferred)

Salary and level will be based on overall experience as determined by ERCOT.

WORK LOCATION - Taylor, TX:

• Employees will be required to be on-site in Taylor, TX at minimum 2 days per week, or more, as needed based on the business needs as determined by management

• On-site schedules are flexible or may be rotated based on business needs as determined by the Manager

• Remote work is required to be performed from your Texas residence.

• Employees may opt to work on-site more than required or 100% of the time

The foregoing description reflects the minimum qualifications and the essential functions of the position that must be performed proficiently with or without reasonable accommodation for individuals with disabilities. It is not an exhaustive list of the duties expected to be performed, and management may, at its discretion, revise or require that other or different tasks be performed as assigned. This job description is not intended to create a contract of employment with ERCOT. Both ERCOT and the employee may exercise their employment-at-will rights at any time. #LI-Hybrid

Expected Salary Range:

$122,262 - $207,828

Are you an ERCOT Employee? If so please log in to Workday to apply.