Sr. Security Architect

Information Technology Morrisville, North Carolina


Description

Xylem |ˈzīləm|

1) The tissue in plants that brings water upward from the roots;
2) a leading global water technology company.

We’re a global team unified in a common purpose: creating advanced technology solutions to the world’s water challenges. Developing new technologies that will improve the way water is used, conserved, and re-used in the future is central to our work. Our products and services move, treat, analyze, monitor and return water to the environment, in public utility, industrial, residential and commercial building services settings. Xylem also provides a leading portfolio of smart metering, network technologies and advanced analytics solutions for water, electric and gas utilities. In more than 150 countries, we have strong, long-standing relationships with customers who know us for our powerful combination of leading product brands and applications expertise with a strong focus on developing comprehensive, sustainable solutions. For more information, please visit us at www.xylem.com

If you are excited and passionate about helping us solve water, we want to hear from you!

Sensus, a Xylem brand, helps a wide range of public service providers – from utilities to cities to industrial complexes and campuses – do more with their infrastructure to improve quality of life in their communities. We enable our customers to reach farther through the application of technology and data-driven insights that deliver efficiency and responsiveness. We partner with them to anticipate and respond to evolving business needs with innovation in sensing and communications technologies, data analytics and services. Learn more at sensus.com and follow @SensusGlobal on Facebook, LinkedIn and Twitter.

The Role: Sensus, a Xylem brand, seeks to hire a Senior Security Architect to join the security technologies team. The Senior Security Architect will be responsible for leading the development and implementation of security architecture across Sensus technology platforms with a focus on software applications. This position will work across software and hardware development teams to identify component and system level technical risks, identify and evaluate critical failure points, determine technical security controls to mitigate risks, prioritize and schedule controls with product development timelines, and work with cross functional teams to implement features according to product maps.

This position may be located either in Raleigh, NC, or in any of the following locations (Atlanta, GA, Boise, ID or Covington, LA) with 25% to 30% travel to Raleigh, NC. 

Essential Duties/Principal Responsibilities:

  • Provides architectural guidance and leadership on best practices regarding security in software development, user interface design frameworks, high performance messaging solutions, server side development, integrations and tools and technologies
  • Works with the business and systems team to identify the right architecture for implementing new solutions, products and modules. Develop, implement and maintain  product security strategy for the entire product portfolio covering IoT, SmartGrid suites
  • Contribute to the development and evolution of the application and infrastructure security reference architecture. Develop, implement and maintain the security architecture for Sensus product portfolio
  • Risk analysis, risk management, and communication of results with software/hardware development managers
  • Champion the Sensus’s product security SDLC.  This includes security testing, penetration testing identifying and fixing vulnerabilities in software and applications on all Sensus products.
  • Perform vulnerability research, assessment and management , serve as technical security/risk advisor on all new technology/developed by Sensus
  • Perform threat modeling, static application security testing, code reviews, and secure design reviews for high risk applications.
  • Determine testing requirements and strategies, automate security testing using a variety of scripting and open source tools
  • Implement or manage the implementation of common application security controls, ensuring that practices meet software certification processes
  • Assist developers in remediating vulnerability findings by providing line-by-line guidance.
  • Provide training and education to developers on software security best practices.
  • Ability to present complex security topics to wide range of internal and internal audiences (engineers to executives)
  • Develop architecture, testing and auditing of Cloud computing, and Big Data platforms
  • Maintain knowledge of current and emerging technologies / products / trends related to security architectural solutions
  • Act as a Subject Matter Expert in the discovery and investigation of critical security vulnerabilities

Minimum Qualifications: Education, Experience, Skills, Abilities, License/Certification:

  • BSCS or equivalent with 10 year’s relevant experience
  • Demonstrated programming expertise – Java, C#
  • Demonstrated expertise in product/application security architecture – Service oriented architecture (SOA), Network security, application security, web services, Angular, JavaScript
  • Deep technical experience in Security/Identity Management including SSO, LDAP, and Provisioning
  • Strong software development skills – Agile, waterfall..
  • Strong operating systems knowledge – Windows (all flavors), Red Hat Linux, Debian Linux
  • Security audit, Vulnerability assessment and packet analysis skills
  • Scripting expertise – Linux scripting (bash), Windows scripting, Python or Perl
  • Encryption expertise, HSM (Hardware Security Modules)
  • Database knowledge – Postgres, MSSql, Oracle, Hadoop
  • A rigorous approach to analyzing and resolving complex technical problems
  • Strong project planning and execution skills
  • Good analytical and debugging skills; creative ability, good organizational skills
  • Self-motivated; ability to work under general supervision; receptive and supportive of team efforts
  • This position may be located either in Raleigh, NC, or in either of the following locations (Atlanta, GA, Boise, ID or Covington, LA) with 25% to 30% travel to Raleigh, NC

Preferred Qualifications:

  • Expertise in either Cloud computing security and/or Big data security
  • Forensic analysis skills
  • CEH/ CISSP or another security certification
  • Excellent written & oral communication skills and coordination with peers, end-users, and management

Physical Demands:

(The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.)

  • Regularly required to sit or stand, reach, bend and move about the facility

Work Environment:

(The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.)

  • Office: Standard office equipment; work usually performed in an office setting free from any disagreeable elements.
  • Standard weekly job hours: 40 hours

Xylem is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.