Principal Architect Cybersecurity

JOB TITLE: Principal Architect, Cybersecurity

REQUISITION: INF00BU

DEPARTMENT: Cyber Security Systems

• F&M Service center or Topeka General Office

LOCATION: Kansas City, MO

Topeka, KS

PAY GRADE: $108,700 - $144,900

Scheduled Work Hours: Monday

• Friday 8:00 a.m.

• 5:00 p.m. Job will require additional hours as necessary, Hybrid Remote, Travel as necessary

Summary of Primary Duties and Responsibilities:

The incumbent in the Cyber Security Architect role will provide technical advice on implementation of security controls across corporate and business systems in both Information Technology and Operations Technology environments. The desired candidate will have broad experience with networking, cybersecurity, application security and data protection and architecting those systems to meet business needs along with providing robust security.

Major responsibilities include, but are not limited to:

• Develop a complete understanding of Evergy's technology and information systems

• Design, build, implement and support enterprise-class security systems

• Align organizational security and infrastructure strategy with overall business and technology strategy

• Identify and communicate current and emerging security threats

• Design security architecture elements to mitigate threats as they emerge

• Plan, research, and design robust security architectures for technology projects

• Perform or supervise vulnerability testing, risk analyses and security assessments

• Create solutions that balance business requirements with information and cybersecurity requirements

• Identify security design gaps in existing and proposed architectures and recommend changes or enhancements

• Test security systems to determine efficacy

• Provide guidance to security and technology teams

• Create and update security policies, procedures and/or standards as needed

• Respond to security-related incidents and provide thorough remedial solutions and analysis

• Regularly communicate vital information, security needs and priorities to leadership

• Work within the changing compliance requirements of NERC-CIP and others that may arise

• Keep updated on the latest cybersecurity trends, threats and technologies and provide guidance to the organization accordingly.

Education and Experience:

Bachelor's degree in Computer Science is highly preferred. The ideal candidate will have at least ten years of progressive technology and cybersecurity experience with at least 5 years of demonstrated experience with designing and implementing cybersecurity systems.

Required experience for successful selection includes:

• Demonstrated interpersonal skills, including conflict resolution

• Demonstrated working knowledge and experience with security objectives, operational objectives, and tradeoffs associated with the network design process

• Demonstrated working knowledge and experience with security risk management, network security, identity and access management authorization and authentication methods, data protection and security monitoring and alerting technologies.

• Demonstrated working knowledge and experience with network protocols such as TCP/IP, UDP, DHCP, DNS, and HTTP

• Knowledge of cryptology and encryption algorithms (e.g., IPSEC, AES, GRE, IKE, MD5, SHA, 3DES)

• Demonstrated working knowledge and experience with the implementation of data security standards / guidance and regulatory / contractual information security requirements

• Experience in creating and presenting cybersecurity information to IT and Business Stakeholders

Skills, Knowledge, and Abilities:

Desired skills include experience assessing, designing, implementing, and securing:

• Cloud computing technologies and workload transition challenges

• Operational Technology networks and endpoints

• PLTE networks

• Network Architecture and Network Topology

• Knowledge of cybersecurity frameworks such as NIST, ISO & CIS

• Network security standards and their implementation in compliance to corporate security policies

• Industry standards and methodologies

• NERC-CIP Requirements

• Ethical hacking, penetration testing, red/blue/purple team exercises

• MITRE ATT&CK Framework

• FISMA and FedRAMP Controls

• DevOps Methodology

Licenses, Certifications, and/or Testing:

CISSP or CISM preferred but not required.

Successful candidate must possess and maintain a valid driver's license.

Working Conditions:

Working conditions will vary from office to field environment. Travel required. Must be able to work additional hours, both indoors and outdoors, on short notice in all types of weather.

Evergy has a clear mission

• To empower a better future. Evergy chooses to live this mission by valuing People First. We know that to lead the responsible energy transition and provide affordable, reliable, and sustainable service to our customers and communities, we need a team with a variety of backgrounds, perspectives and skills. So, our goal is to be a diverse workforce that is representative of the communities we serve. We are committed to celebrating diversity and building a team where everyone - regardless of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status - has a voice and can bring their best every day. We know that the more diverse and inclusive we are, the better we will be. Evergy is proud to be an equal opportunity workplace and is an affirmative action employer.