Xylem Director, Cybersecurity Architecture & Engineering in Morton Grove, Illinois
Xylem (XYL) is a leading global water technology company committed to developing innovative technology solutions to the world’s water challenges. The Company’s products and services move, treat, analyze, monitor and return water to the environment in public utility, industrial, residential and commercial building services settings. Xylem also provides a leading portfolio of smart metering, network technologies and advanced infrastructure analytics solutions for water, electric and gas utilities. The Company’s more than 16,500 employees bring broad applications expertise with a strong focus on identifying comprehensive, sustainable solutions. Headquartered in Rye Brook, New York with 2017 revenue of $4.7 billion, Xylem does business in more than 150 countries through a number of market-leading product brands.
The name Xylem is derived from classical Greek and is the tissue that transports water in plants, highlighting the engineering efficiency of our water-centric business by linking it with the best water transportation of all – that which occurs in nature. For more information, please visit us at www.xylem.com.
The Role: Reporting directly to Xylem’s CISO, the Director of Cybersecurity Architecture and Engineering will be responsible for the architecture and engineering aspects of global cyber security, including leading the design, development, implementation and execution of organization-wide information security platforms and architectures. This will include, but is not limited to, the development of Cybersecurity Standards and a Cybersecurity Engineering Roadmap that will continuously evolve and drive state-of-the-art technical security solutions across the enterprise. The position will require collaboration with IT infrastructure and application teams, software development and cloud architecture and other internal functional groups (Legal, Procurement) to ensure that the strategy and execution elements of Global Cybersecurity meet the needs of Xylem. The position will also be responsible for building and managing a technical team to support Xylem’s global cyber security initiatives and goals, as well as ensuring that the staff has the right technical breadth and depth to support current platforms and future technology direction.
Essential Duties/Principal Responsibilities:
Provide expert direction in managing and implementing Xylem’s enterprise security strategy and engineering for security services and infrastructure, while considering potential risks in the organization’s current technology deployments, to build a successful and strong enterprise security posture.
Gather requirements, create security architecture designs, analyze technical alternatives, provide cost analysis, test options, prepare configurations, document and communicate engineering plans. Requires the highest level of security critical thinking, creativity, and innovation in developing new concepts, theories, and products to address the most complex and strategic issues facing Xylem.
Recruit, manage, and coach the cyber security technical architecture and engineering team.
Lead the business case, design and implementation of cybersecurity capital investments.
Collaborate with business and technology managers to assess needs, identify security risks and promote adoption of solutions through sponsorships in pilot and prototyping activities.
Develop cybersecurity standards aligned to and supporting industry recognized frameworks.
Partner with multiple platform and application owners to review solutions and develop best practices and standards that can be leveraged company-wide.
Lead the development of infrastructure security metrics for framework maturity, security posture governance, and reporting.
Provide expert cybersecurity advisement to technical implementation teams ensuring secure solution delivery.
Define and manage the business process for initiating, capturing, recording, and managing user identities and their related access permissions.
Review the organization’s information security engineering and platforms to identify integration issues and opportunities to enhance information security practices.
Provide extensive support and assistance to senior leadership for decision on future investments and addressing complex issues impacting Xylem’s security architecture.
Coordinates with internal and external partners to negotiate and place security-related orders for services.
Provides input in the development of operating and capital budgets.
Work closely with the Chief Security Officer on the development of functional goals and objectives.
Minimum Qualifications: Education, Experience, Skills, Abilities, License/Certification:
Bachelor’s degree in STEM field, related discipline, or equivalent.
Minimum 8+ years of increasingly diverse and complex experience in the field of Cybersecurity within a global environment, with a minimum of 5+ years in security architecture and application and infrastructure security.
Demonstrated experience building and managing teams (including direct and indirect reports globally), as well as third-party vendor relationships.
Extensive experience working with Cyber Security vendors negotiating rates, contracts, and service level agreements.
Excellent verbal/written communication, collaboration, analytical and presentation skills to lead an environment driven by customer service and teamwork; must be able to set goals and participate in strategic initiatives for a team; and foster the development of high performance teams and interface with all levels of the organization; ability to participate in development of resource plans and structures and influence organizational priorities.
Excellent communication, analytical, and writing skills with the ability to participate in and lead team based projects.
Ability to carry high-level conversations; proven ability to present to senior leadership.
Experience designing and implementing secure architecture and reference architectures, from business requirements gathering to technology rollout oversight, including capacity management, definition of scoring methodologies for technology selection, integration of multiple tools and reporting functionalities, and technical documentation.
Experience and in-depth understanding of the latest security principles, application security architecture, security technologies, techniques, standards and protocols.
Deep understanding of web-related technologies deployment (web application security design, mobile application security, service oriented architecture, SAML, identity federation, cloud (public, private)).
Hands-on experience in deploying security technologies such as Next Generation Firewalls, Intrusion Prevention, anti-malware/anti-virus, endpoint security technologies, SIEM, authentication systems, log collection / management, content filtering, Wireless Access controls, Network Access Control, identity management technologies, cloud security technologies, data encryption technologies, virtualization security, mobile application security.
Must work well in a dynamic team that is geographically dispersed.
Maintained information security/cybersecurity certifications (e.g. CEH, CISSP, CISM).
Scripting skills (e.g. Ruby, Python, Perl, shell scripts)
Experience in software development
Experience with cloud IaaS security operations
Analytical decision making
Business focused delivery
Continuous improvement mindset
Developing capability (for people manager)
Leading people & teams (for people manager)
Planning & prioritizing work
(The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.)
- Regularly required to sit or stand, reach, bend and move about the facility
(The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.)
Office: Standard office equipment; work usually performed in an office setting free from any disagreeable elements.
Standard weekly job hours: 40 hours
EOE including disability and veteran