We’re Hiring for a Cyber Security Domain Architect !

If you are excited and passionate about helping #LetsSolveWater, consider joining our team today! Xylem, Inc. is a leading global water technology company servicing more than 150 countries and is dedicated to solving the world’s most challenging water issues. We are looking for individuals to join our mission by exceeding customer expectations through smart sustainable solutions. At Xylem, you will have the opportunity to solve water by participating in our paid Volunteer Program, Xylem Watermark !

THE ROLE : Reporting directly to Xylem’s Director of Cybersecurity Architecture & Engineering, the Cyber Security Domain Architect will be responsible for the design and implementation of security capabilities and cloud services across Xylem’s technology platforms. The role has elements of strategy and long-term execution of the security program as it evolves, but an individual contributor capable of delivering on multiple global security projects. This includes but is not limited to the development of Cybersecurity Standards, Principles, Reference and Target Architectures and Roadmaps that will continuously evolve and drive state of the art technical security capabilities and enablement across the enterprise. The position will require collaboration with IT infrastructure, cyber defense, security compliance, product security, software development and other internal functional groups (Legal, Procurement, and Finance) to ensure that the strategy and execution elements of Global Cybersecurity meets the need of Xylem. This position will be on a team of Architects but will take lead Architecture responsibility for all security aspects of Networking, Voice infrastructure, Vulnerability Scanning, and Endpoint Detection and Response technologies. Additionally, this position may also be responsible for conducting security risk assessments for applications and infrastructures including Cloud security, CASB and Cloud Gateway implementation and deployment to support Xylem’s global cyber security initiatives and goals.

CORE RESPONSIBILITIES

• Provide expert direction in implementing Xylem’s enterprise security architecture strategy for platforms, applications, security services, network security and infrastructure, while considering potential risks in the organization’s current technology deployments, to build a successful and strong enterprise security posture.

• Gather requirements, create network security architecture designs, analyze technical alternatives, provide cost analysis, test options, prepare configurations, document, and communicate design and implementation plans.

• Requires the highest level of security critical thinking, creativity, and innovation in developing new concepts and products to address the most complex and strategic issues facing Xylem.

• Secure and automate capabilities through collaboration with InfoSec, Compliance, Cyber Defense, Product Security and Engineering resources.

• Lead Xylems On-premise and Cloud network security architecture. Develop, implement, and maintain the security architecture for Xylem enterprise network and cloud network services.

• Contribute to the development and evolution of application, platforms, cloud services and infrastructure security reference and target architectures.

• Participate in the development of business cases, design and implementation of cybersecurity capital investments.

• Collaborate with business and technology teams to assess needs, identify security risks and promote adoption of solutions through sponsorships in pilot and prototyping activities.

• Develop cybersecurity standards and principles aligned with and supporting industry recognized frameworks.

• Provide expert cybersecurity architecture and network security risk assessment reviews and technical implementation ensuring secure capabilities delivery.

• Review the organization’s information security architecture and platforms to identify integration issues and opportunities to enhance information security best practices.

• Participate in M&A engagements as needed for secure network integration and due diligence.

• Provide support and assistance to leadership for decision on future investments and addressing complex issues impacting Xylem’s security architecture.

• Provides feedback in the development of operating and capital budgets.

• Assist resource owners and IT staff in understanding and responding to security audit failures reported by auditors.

QUALIFICATIONS :

• Bachelor’s degree in STEM field, related discipline, or equivalent.

• Minimum 10+ years of increasingly diverse and complex experience in field of Cybersecurity within a global environment, with at least a minimum of 5+ years in security architecture, network security, and infrastructure security.

• Network Security Architecture – Deep technical understanding designing and securing of:

• Both WAN and LAN environments including SD WAN, MPLS, VPN, Segmentation, Micro-Segmentation,

• IOT Segmentation

• Load Balancing

• Web Application Firewalls

• Routing and Switching design, deployment and Operations

• Advanced experience and understanding of dynamic routing (BGP, EIGRP and OSPF).

• Load Balancer configuration and capabilities

• Firewall design, deployment, and operation

• VPN design, deployment, and operation.

• Advanced experience in wireless protocols (802.11) and Cisco Wireless Controllers.

• Cloud Network Security

• Experience connecting and integrating IAM and SSO solutions with networking components such as Firewalls, Switches, Load Balancers, etc

• Cloud Security –Expert level understanding of virtualization, cloud infrastructure, and public cloud offerings. Experience designing network security configuration and controls within cloud-based solutions in Microsoft Azure and Azure PAAS services. Experience and in depth understanding of the latest network and cloud security principles, security technologies, techniques, standards and protocols.

• Deep technical understanding and experience with the security controls needed for modern and cloud-based voice services and infrastructure.

• Experience with the integration of network security resources to asset management and log collection infrastructure including the development of SIEM based rules for alerting.

• Experience designing and implementing regional, site and micro segmentation architectures.

• Excellent verbal/written communication, collaboration, analytical and presentations.

• Excellent communication, analytical, and writing skills.

• Ability to carry high-level conversations; proven ability to present to senior leadership.

• Experience designing and implementing secure architecture and reference architectures; from business requirements gathering to technology rollout oversight.

• Experience writing and executing RFx based industry evaluations including definition of scoring methodologies for technology selection, non-biased critical analysis and vendor selection.

• Experience with capacity management and Inventory management.

• Hands on experience in deploying security technologies such as Next Generation Firewalls, Intrusion Prevention, log collection / management, content filtering, Wireless Access controls, Citrix NetScaler, VDI technologies, Network Access Control, identity management technologies, cloud security technologies, data encryption technologies, virtualization security, and mobile application security.

• Must work well in a dynamic team that is geographically dispersed.

PREFERRED QUALIFICATIONS:

• Master’s Degree

• Experience with Palo Alto, Cisco, Citrix, Zoom, 8x8, Rapid 7, and Tenable.

• Experience performing risk assessments on a broad range of technologies

• Maintained information security /cybersecurity certifications (e.g. CEH, CISSP, CISM).

DAY IN THE LIFE :

In this role, the working environment is generally in an office setting and may be performed remotely. The physical demands may include but are not limited to moving around in an office environment, frequent oral communication, close vision, and ability to operate office equipment. Up to 10% time spent traveling.

SALARY :

The estimated salary range at this professional level is $130,000 to $150,000 plus bonus. Starting pay is dependent on multiple factors, such as skills, experience and work location, and is not typically at the top of the range. At Xylem we offer a competitive compensation package with a generous benefit package, including Medical, Dental, Vision plans, Wellness programs, 401(k) with company contribution, paid time off, paid parental leave and tuition reimbursement.

At Xylem, we embrace diversity and strive to create avenues where employees feel valued and appreciated through our DE&I initiatives and Employee Resources Groups (ERG). Xylem is proud to be an Equal Employment Opportunity and Affirmative Action workplace. Xylem prohibits discrimination, harassment of any kind and does not discriminate in employment on the basis of race, color, religion, sex or sexual orientation (including pregnancy and gender identity), national origin, political affiliation, marital status, medical conditions or disability, genetic information, age, or other non-merit factors.

Join the global Xylem team today! Xylem is a team creating advanced technology solutions to the world’s water challenges through developing new technologies and services that will improve the way water is used, conserved, and re-used in the future is central to our work. Our products and services move, treat, analyze, monitor, and return water to the environment, in public utility, industrial, residential, and commercial building services settings. Xylem also provides a leading portfolio of smart metering, network technologies and advanced analytics solutions for water, electric and gas utilities.

Disclaimer: The information listed within this job description is designed to indicate the general nature of work expected for this position and shall not be viewed as a comprehensive inventory of all duties, responsibilities, and qualifications required in this position. Employees must be able to perform the essential functions of the position satisfactorily and if requested, reasonable accommodations will be made to enable employees with disabilities to perform the essential functions of their job absent undue hardship. Xylem reserves the right to modify this job description or assign other duties to this position as needed.