• Enterprise Security Architect

    Location US-PA-Philadelphia
    Posted Date 4 months ago(2/25/2019 12:54 PM)
    ID
    219891
    Category
    Information Technology
    Employment Type
    Fulltime-Regular
  • Overview

    About Aramark
    Aramark (NYSE: ARMK) proudly serves Fortune 500 companies, world champion sports teams, state-of-the-art healthcare providers, the world’s leading educational institutions, iconic destinations and cultural attractions, and numerous municipalities in 19 countries around the world.  Our 270,000 team members deliver experiences that enrich and nourish millions of lives every day through innovative services in food, facilities management and uniforms. We operate our business with social responsibility, focusing on initiatives that support our diverse workforce, advance consumer health and wellness, protect our environment, and strengthen our communities.  Aramark is recognized as one of the World’s Most Admired Companies by FORTUNE, as well as an employer of choice by the Human Rights Campaign and DiversityInc. Learn more at www.aramark.com or connect with us on Facebook and Twitter.

     

    Description

    The ESA is responsible for overseeing the global information security architect to secure our corporate environment and to ensure client and customers solutions are designed and scecure properly with an enterprise mindset for global deployment at Aramark.  The ESA will work closely with other IT Architects to ensure standads and designs meet changing business needs. 

     

    • Leadership – A senior member of the CISOs leadership team is integral in helping to cultivate a culture of security awareness across the enterprise. In a security leadership capacity works across diverse audiences to translate technical specifications into strategic business requirements for security regulatory and compliance needs and provision of risk management support. Exhibits leadership for project teams when needed. The ability to drive related projects and initiatives through the ability to Influence cross-organizational leaders, and in so doing help drive success for development teams.
    • Client RelationshipHas proven track record of the ability of working with stakeholders to identify risks associated with business processes, operations, information security programs and technology projects.Is able to be the enterprise security subject matter expert who can explain technical topics to those without a technical background in support of client needs. Build strong inter-personal relationships with peers and other key stakeholders that can support smooth execution and delivery against tight timelines.
    • Financial Performance – Must understand security budget requirements and capable of communication to appropriate parties. Knowledge of team resource management support budgetary forecasting, as well as monitoring and tracking of functional spend. Is able to provide advice and guidance in relation to any prioritized risk mitigation and or risk management expenditure considerations. Through experience can help to direct decisions on financial spend in relation to supplier offerings and or delivered solutions.
    • Compliance – Must have a sound understanding of the Aramark’s security compliance and regulatory needs and what is required to meet compliance. Must ensure that the right security processes and procedures are up to date and in place to support and maintain governance and compliance needs. Must be able to identify, asses, document and manage all security risks that are associated with meeting compliance across all areas of Aramark. Is able to provide appropriate levels of metrics and reporting for Aramark to demonstrate security assurance for its compliance and regulatory needs.
    • Productivity – To support delivery of services and product timelines, is able to establish direct lines of contact with major Service Providers for information security operations to support and maintain a business-to-security alignment. This will ensure that all models and implementations can be traced back to the business strategy, specific business requirements and key principles. Good understanding of desk top environment and end user experience solutions that may directly impact productivity and service hours lost.
    • Consulting and engineering in the development and design of security best practices and implementation of solid security principles across the organization, which will meet business goals and customer, regulatory and compliance requirements.
    • Responsible for supporting the development of the information security architectural standards. Is able to conduct system security vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues.
    • Lead engagements with Technology Service Providers for solution design.
    • Responsible for documenting security solution patterns or templates which are based on current architectural principals compatible with Aramark’s future service delivery and business strategies. Providing technical consultancy at project kick off meetings, identifying security technical issues and risks.
    • Ability to implement seamless integration between IT architectures (infrastructure and applications base) and information security policy and standards. Work closely with IT and Digital Service Delivery Architect (s) to ensure appropriate secure solutions are created that meet the needs of the business group where necessary.
    • Experience in recommending data architecture improvements based on information use and requirements. This must include ability to oversee activities that ensure all data standards are adhered to.
    • Provide assurance of maintenance of security systems by evaluating network and security technologies; Experienced in development requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices.
    • Provide leadership for the understanding ofsecurity protocols, cryptography, authentication, authorization and security.
    • Knowledgeable in security requirements associated with cloud computing: They must include knowledge of areas for potential data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks.
    • Responsible for analyzing, documenting and managing all security exceptions to policy.
    • Must have excellent communication, influencing and interpersonal skills combined with highly effective technical presentation skills for stakeholder management and engagement.
    • Performs an active role in identifying the need for and evaluating emerging technologies.

     

    Qualifications

    • Experience – Minimum of 7 years in security architecture.
    • Experience with complex technical design requirements and implementation of product and technology architectures.
    • Designing and implementing security solutions experience. This includes continuous monitoring and making improvements to those solutions, as well as working with information security teams in developing and implementing a strong and effective IT and security risk based programme.
    • Experienced in establishing being the go-to person for Engineers, Product Owners, Architects and Management for architecture advise and execution validation.
    • Extensive experience providing design and implementation assurance of resilient Information Security infrastructures including: Cyber security and incident management, Endpoint protection, Encryption and Certificate management, Security Analytics and Intelligence, and Threat and Vulnerability Management.
    • Education – A Bachelor’s degree preferably in computer science or related subject.
    • A CISSP (certified Information Systems Security Professional) should be considered essential for this role and degree with the relevant years’ experience. Knowledgeable and experienced in compliance with Information Security standards such as ISO/IEC27001/27002/27003/27005, NIST, Sarbanes-Oxley (SOX), GDPR, Data Privacy requirements.
    • Leadership – Able to provide, team, and stakeholder leadership to motivate, and sustain buy in across all levels of the organization and externally
    • Complexity – Must be able to handle stakeholder requirements and implement security solutions that deliver security solutions across the organization.
    • Communication – Must be fluent and at ease in communicating at all levels of the organization with the ability to simply and translate and deliver technical reporting to non-technical formats
    • .Knowledge – Sound technical IT and strong governance risk and compliance (GRC) knowledge.
    • Impact – Across all areas of Aramark.
    • Judgement – Must be experience in making sound judgement calls using risk to support decision making.

    Apply

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Connect with us for general consideration.