Verizon has flagged the PCI Principal Consultant job as unavailable. Let’s keep looking.

If you have what it takes to become part of the Vistra family and would like to start a promising career with a global leader, take a look at the exciting employment opportunities that are currently available and apply online.

Job Summary

As a member of the Vistra Architecture Team, the Principal Security Architect will be expected to understand a wide array of IT security controls, secure product and solution development, processes, and concepts. The Security Architect will provide extensive support for product and solution security architecture reviews, network connectivity analysis, data protection strategies, secure access gateways, and security incident and event processes (data logging and event management). The role will also be required to apply risk review concepts in support of audit controls for PCI and SOX regulations. This is a hands-on role that will require detailed knowledge of security concepts, secure commercial platform architecture, secure software and product development, automation, and secure cloud and web application architecture and best practices, risk models, security controls, security audits and other common IT security domain concepts. 

Job Description

Key Accountabilities

Innovation 

Perform research activities to identify emerging technologies and trends that may affect the enterprise. 

Maintain awareness of vendor/product industry developments, regulations and trends and identify potential impacts to the enterprise. 

Evaluate and recommend security solutions that meet the organization's requirements, budget, and risk management goals. 

Design and oversee efforts in building effective bank specific Proof of Concept demonstrations and socialize the results.

Develop and maintain strong relationships with business domain leadership to keep track of changing business needs and priorities. 

Provide technical/business consulting to internal departments and client-sponsored activities outside of Technology Services. 

Strategy 

Provide technical/business consulting to internal Technology organizations and client-sponsored activities outside of Technology. 

Analyze the business drivers that determine key architecture requirements. 

Develop and maintain a comprehensive security strategy and roadmap that aligns with the organization's goals and objectives. 

Develops and maintains strong relationships with key vendors and business leaders to rack changing business needs and priorities. 

Contribute to cyber security organization by developing reference architectures, training/certification material etc. 

Governance 

Design and/or implement security architecture that aligns with business needs, industry best practices, and regulatory requirements 

Facilitate and develop and maintain security standards for key technologies that meet regulatory compliance and industry standards 

Facilitate the development and evolution of the architecture and global governance processes. 

Define and facilitate the process for approving architecture principles and standards. 

Develop different methods to communicate effectively and analyze cyber security metrics to identify improvement opportunities 

Mentor technology team members in the principles of Security Architecture. 

Identify potential security risks and vulnerabilities, assess their impact, and identify measures to mitigate them.

Education, Experience, & Skill Requirements

12+ years in network, information systems, information security, application engineering or architecture

Deep understanding of network security and commercial infrastructure security concepts. 

Strong knowledge of security controls and risk management frameworks & models. 

Strong working knowledge with identity and access management, cloud, data protection, endpoint, infrastructure, application, network, and container security best practices. 

Experience with secure cloud web application implementation and product development. 

Experience with DevOps, DevSecOps, and Agile SDLC methodologies 

Experience in scripting/coding to automate operational processes and system integrations 

Experience with static code analysis tools and open-source security and license management tools. 

Must be able to evaluate & apply concepts of risk management and prioritization models for security related risk items. 

Capable of working under pressure in a continually changing environment. 

Strong inter-personal skills are required to work across the organization and interface with the business including internal and external audit to ensure security controls are in place and effective. 

Ability and desire to stay current with emerging cybersecurity technologies, best practices, recommendations, and events and incorporate these into processes, procedures, and policies where it makes sense. 

Expert problem solver with strong analytical, troubleshooting, critical thinking, and problem-solving skills 

Strong written and verbal communication skills, work ethic and positive attitude 

Ability to work alone with minimal supervision effectively and efficiently 

BA/BS degree in Computer Science, Information Systems or a related technical field, or the equivalent combination of education and experience; CISA, CISM, OSCP, or CISSP certifications a plus.

Key Metrics

Enhances security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.  

Plans security systems by evaluating network and security technologies; develops security requirements for servers, workstations, local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs), digital signatures & hardware and software

Adheres to industry guidelines, best practices, & standards; automates repeatable tasks, including security control enforcement 

Prepares system security reports by collecting, analyzing, and summarizing data and trends. 

Enhances department and organization reputation by exploring opportunities to add value to security strategy and objectives. 

Job Family

Information Technology

Company

Vistra Corporate Services Company

Locations

Irving, Texas

Texas

We are a company of people committed to: Exceeding Customer Expectations, Great People, Teamwork, Competitive Spirit and Effective Communication. If this describes you, then apply today!

If you currently work for Vistra or its subsidiaries, please apply via the internal career site.

It is the policy of the Company to comply with all employment laws and to afford equal employment opportunity to individuals in all aspects of employment, including in selection for job opportunities, without regard to race, color, religion, sex, sexual orientation, gender identity, pregnancy, national origin, age, disability, genetic information, military service, protected veteran status, or any other consideration protected by federal, state or local laws.

If you are an individual with a disability and need assistance submitting an application or would like to request an accommodation, please email us at assistance@vistraenergy.com to make a request.

Read Full Description
Confirmed 6 hours ago. Posted 30+ days ago.

Discover Similar Jobs

Suggested Articles