APi is a market-leading provider of safety, specialty, and industrial services in over 200 locations worldwide, primarily in North America. We have a winning culture driven by entrepreneurial business leaders to deliver innovative solutions for our customers. As a family of companies working together, we have the parts to make any project whole.
At APi Group, the mission is clear: We Build Great Leaders. We believe that everyone at APi is a Leader and one of our core pillars of success is our distinct leadership development culture. We provide internally developed, cross-functional development programs across our businesses. Our culture of investing in leadership development at all levels of the organization has created an empowered, entrepreneurial atmosphere that facilitates organizational sharing of knowledge and best practices and enables the development of cross-brand solutions and innovation.
We are currently seeking a Security Architect, whose responsibilities include building and leading the Security Architecture program, developing, and maintaining a strong security engineering practice, and providing technical consultation to IT and business counterparts across the organization. You will also be part of a team that allows you to participate in a variety of security-related activities, including incident response, security assessments, security monitoring improvements, and overseeing remediation activities. This Security Architect role provides you with an opportunity to have a direct influence on the organization’s ongoing security strategy and roadmap.
- Build and lead the Security Architecture program, which includes designing and communicating security patterns, standards, diagrams, and architecture models, along with consulting with IT and business teams to support various IT and security initiatives.
- Establish security baselines and standardization, which would include CIS-CAT asset benchmarking, baseline documentation, and secure configurations.
- Document and map security control infrastructure and capabilities.
- Drive efforts for the identification, mapping, and rationalization of the regulatory frameworks and standards for security controls, including the CIS 20 / SANS Top 20.
- Establish the metrics and reporting framework for leadership, executives, and board around key metrics, residual risk, along with key and emerging risks.
- Collaborate with the Enterprise Architecture team.
- Participate in the Architecture Design Boards.
- Guide business and IT teams with understanding and aligning with appropriate security requirements.
- Mentor team members and IT partners.
- Foster and maintain key relationships across the business and IT.
- Conduct security engineering activities such as configuring and maintaining security tools, testing new capabilities, supporting IT engineer counterparts, and identifying security control gaps.
- Maintain security policies, procedures, and standards, ensuring they stay relevant to the organization.
- Identify, implement, and maintain security automation opportunities.
- Collaborate with users to discuss computer data access needs, identify security threats and violations, and identify and recommend needed programming or process changes.
- Perform risk assessments, audits, and tests to ensure proper functioning of data processing activities and security measures.
- Detect and report any weaknesses in the existing protocols, recommending or implementing modifications and improvements.
- Participate in security-related project work and oversee external consultant activities.
- Communicate and champion security awareness and identify new and creative ways to improve the “human firewall.”
- Other related duties as assigned.
- A minimum of 10 years of experience in information technology, with at least 5 in security-related roles.
- Bachelor's degree (B. A.) from four-year College or University; or 4 years related experience and/or training; or equivalent combination of education and experience.
- Proficient in MS Office; Outlook, Word, Excel, Teams, and Visio.
- Excellent written and verbal communication skills as well as business acumen and commercial outlook.
- Ability to communicate technical requirements to a varied audience.
- Flexibility to work occasionally outside business hours to support security incident response, project work, or maintenance window activities.
- Excellent organizational skills and analytic, problem-solving skills.
- Impeccable confidentiality, attention to detail, and self-organization.
- Self-directed and motivated, with a positive and willing attitude.
- Knowledge and experience with Sarbanes-Oxley and GDPR.
- Familiarity with Sparx EA, Prolaborate, and other modeling tools.
- Security certifications such as CISSP, Security+, CASP.
- Strong scripting experience in various languages, such as PowerShell and Python.
Competencies and Skills:
- Extensive experience in information security and/or IT risk management with a focus on security, performance, and reliability.
- Deep technical understanding of IT networks, server administration, and IT applications.
- Strong proficiency in a broad array of security software applications and tools.
- Expert understanding of computer-related security systems such as firewalls, encryption, and password protection and authentication.
- Experience implementing multi-factor, single sign-on, identity management or related technologies.
APi Group provides competitive compensation and benefits that support the total well-being of you and your family, as well as providing formal learning and development opportunities to continue building great leaders.