Vanderbilt's Security Architecture team provides technical expertise in information security and risk management in the creation, planning, design and implementation of current and new projects, ventures, and systems across VU to ensure systems meet university goals and are resilient to cyber-attacks.
The Lead Security Architect - Security Architecture will work directly for the Security Governance and Architecture Director. In this position, you'll play an integral role in defining and assessing the university's security strategy, architecture, and practices. This role may require mentoring, training, and managing analysts. The Lead Architect will be required to effectively translate university objectives and risk management strategies into specific security processes enabled by security technologies and services.
Duties and Responsibilities
Reporting to the Security Governance and Architecture Director, this role will perform the following functions:
Lead the development and maintenance of security architecture that enables the university to develop and implement security solutions and capabilities that are clearly aligned with business, technology, and threat drivers;
Develop strategic and operational information security plans and roadmaps based on sound enterprise architecture practices;
Develop and maintain security architecture artifacts and data flow diagrams (e.g., models, templates, standards, and procedures);
Track developments and changes in the digital business and threat landscape to ensure updates are adequately addressed in security plans and architecture artifacts;
Determine baseline security configuration standards and validate compliance for operating systems (e.g., OS hardening), network segmentation, identity and access management (IAM), and security infrastructure tools, etc.;
Coordinate with application development teams to review secure coding practices, and to escalate concerns related to poor coding practices to information security leadership;
Participate in IT projects or initiatives to provide security-planning advice; and
Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable.
Experience with IT infrastructure: applications, databases, operating systems -- Windows, Unix and Linux, hypervisors, IP networks -- WAN and LAN, storage networks -- Fibre Channel, iSCSI and NAS, backup networks and media;
Proficiency with developing network architecture, implementing encryption standards, and remote access protocols (e.g., network segmentation, SASE, NAC). Working technical knowledge of Zero Trust architecture and implementation strategy preferred;
Experience with cloud-based security architecture, containerization and deploying applications and infrastructure into public cloud services. Specific vendor and application experience with Microsoft (e.g., O365) or AWS preferred;
Knowledge of at least two of the following: NIST Cybersecurity Framework (CSF), ISO/IEC 27001/2, CIS Top 20 Controls, NIST SP 800-53, DoD CMMC;
Strong working knowledge of IT service management (e.g., ITIL-related disciplines): change management, configuration management, asset management, and/or incident management;
Experience training and assisting junior analysts along with leading small teams;
Experience evaluating and deploying cloud solutions (IaaS, SaaS, etc.), digital platforms, mobile applications or tools, and other newer technologies;
High degree of creativity, with an ability to manage priorities and effectively allocate resources to meet business objectives in a clear and pragmatic way;
Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences;
Implementation of complex security initiatives, plans and strategies; and
Exposure to higher education distributed research environments desired.
Bachelor's Degree in Computer Science, Information Technology, Engineering, or related fields from an accredited 4-year college or university desired; other bachelor's degrees combined with extensive cybersecurity experience may be acceptable;
Five or more years of cybersecurity experience across areas of cybersecurity;
Current architecture certifications such as SANS SEC530: Defensible Security Architecture and Engineering, Sherwood Applied Business Security Architecture (SABSA), Zachman and/or The Open Group Architecture Framework (TOGAF); and
Professional security management certification, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or similar.
Commitment to Equity, Diversity, and Inclusion
At Vanderbilt University, we are intentional about and assume accountability for fostering advancement and respect for equity, diversity, and inclusion for all students, faculty, and staff. Our commitment to diversity makes us who we are. We have created a community that celebrates differences and lets individuality thrive. As part of this commitment, we actively value diversity in our workplace and learning environments as we seek to take advantage of the rich backgrounds and abilities of everyone. The diverse voices of Vanderbilt represent an invaluable resource for the University in its efforts to fulfill its mission and strive to be an example of excellence in higher education.
Vanderbilt University is an equal opportunity, affirmative action employer. Women, minorities, people with disabilities, and protected veterans are encouraged to apply.
Please note, all candidates selected for an offer of employment are subject to pre-employment background checks, which may include but are not limited to, based on the role for which they have been selected: criminal history, education verification, social media review, motor vehicle records, credit history, and professional license verification.
Internal Number: 10000894
About Vanderbilt University
Vanderbilt University is a center for scholarly research, informed and creative teaching, and service to the community and society at large. Vanderbilt will uphold the highest standards and be a leader in the quest for new knowledge through scholarship, the dissemination of knowledge through teaching and outreach, and the creative experimentation of ideas and concepts. In pursuit of these goals, Vanderbilt values most highly intellectual freedom that supports open inquiry, equality, compassion, and excellence in all endeavors.