Cloud Information Security Architect

Job Description

Job Specifications

As a Cloud Information Security Architect, you will serve as a key member of the Black Hills Energy Enterprise Security team.  The role will evaluate and improve our cloud security strategies and applying them to existing and prospective technology projects with responsibilities including the development/refinement of strategy, policy, regulatory compliance, risk identification and mitigation, security architecture and standards.

SALARY RANGE:  $90,250 - $148,750 (Determined by the knowledge, skills and abilities of the applicant.)

REPORTING RELATIONSHIP:   Senior Manager, Applications

LOCATION: Our Corporate Headquarters in Rapid City, South Dakota 

• You’ll find this is the ideal community to live, work and do business in. With hiking trails, the Black Hills, Mount Rushmore and Badlands National Park in your backyard, there are endless opportunities to enjoy nature. To learn more about our locations, please visit the locations page on our career website.
• A Comprehensive Relocation Plan is offered for this position! Details about this package will be shared during the interview and offer process.

ESSENTIAL JOB FUNCTIONS:

• Lead the design and development of security architectures for protecting systems and data deployed in cloud native and hybrid environments.
• Contribute to the overall Enterprise Cloud architecture strategy and lead the security vision and strategy around IaaS/PaaS/SaaS cloud deployments.
• Deploy and implement cloud security threat and risk mitigating controls aligned to standard methodogies, addressing operational enablement including monitoring, automated alerting, and actionable remediations.
• Establish security requirements for cloud-based solutions by evaluating business strategies and requirements, researching cloud infrastructure security standards such as NIST CIS, CSF, and CSA.
• Serve as an authoritative point of contact for all matters related to cloud security controls, implementation, and enforcement. Continually review and evaluate cloud security solutions, practices, and gaps in or shortcomings with applied controls.
• Provide technical leadership on multi-functional teams to promote cloud security strategy principles to Black Hills Energy business unit customers.
• Review existing architecture, identify design gaps, and recommend security improvements. Assist with the development and review of high-level solution architecture documentation.
• Meet with project teams and other system architects to develop system designs and project plans that include the appropriate security controls and meet security standards. 
• Proactively review and analyze new or proposed business applications to evaluate appropriate security capabilities, assessing their risk and their value in support of company goals and security strategy.

ADDITIONAL RESPONSIBILITIES:

• Understand current as well as emerging security threats and design security architecture to mitigate threats where possible. 
• Serve as security ambassador, information security domain expert, trusted advisor; provide advisory and consulting services as needed to various department and project teams.
• Maintain an awareness of existing and proposed security standard setting groups as well as State and Federal legislation and regulations pertaining to information security.  

QUALIFICATIONS:

• Minimum of (5) five years of IT experience, with at least (3) three years within an Information Security position is required.  
• Bachelor’s Degree in Information Technology, Computer Science, Information Assurance, Network Security Administration or an equivalent combination of education and experience required.

KNOWLEDGE/SKILLS/ABILITIES:

• Excellent communication skills with ability to work effectively with security integrators, vendors, software manufacturers and application users to program, maintain and improve support for all security systems
• Excellent organizational skills with attention to details, accuracy, and timeliness. Solid understanding of network architecture, firewalls, Intrusion Detection Systems, web filtering, audit and log management, physical security control systems, real-time systems, and common operating systems
• Understanding of advanced technical security topics such as Security Essentials; Ethical hacking; Auditing and monitoring networks, systems, and users; forensics and malware analysis; security incident response
• Experience with various Information Security technologies, including firewalls, IDS/IPS products, vulnerability assessment and management products, Windows operating systems, UNIX/Linux operating systems, networks (routing, switching, design, etc.), scripting/programming (shell, Perl, C, etc.)
• Knowledge of Microsoft technology stack and Azure security offerings such as Enterprise Mobility and Security Suite (EM+S), M365 Security Advanced Threat Protection (ATP), Azure Information Protection (AIP) and Intune
• Experience with Azure Security Center, Azure Operations Management Service, M365 Security, Log Analytics, preferred
• Knowledge of DevOps technologies (e.g., Jenkins, Gitlab, GitHub, etc.), Chef, Puppet, or related automated/orchestration tools desired
• Experience in AWS, including but not limited to IAM, GuardDuty, WAF, Shield+, EC2, CloudTrail, CloudWatch
• Working knowledge of common information technology management and security frameworks, such as ISO/IEC 27001, OWASP, ITIL, COBIT, CIS Top 20 and NIST 

MENTAL/PHYSICAL DESCRIPTIONS AND WORKING CONDITIONS:
The mental and physical descriptions are representative of the activities an employee in an office job performs. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Mental description: Understand, remember, apply oral and/or written instructions or other information, and communicate routine factual information. Apply common sense in performing job functions, usually within a set of rules or guidelines.

While performing the duties of this job, the employee continuously accesses, inputs, and retrieves electronic information and communicates regarding the information.  Employee frequently moves about the office space. Employee must be able to operate routine office equipment including computers and similar equipment. Must be able to routinely perform this work for an average of 6-8 hours per day and occasional extended hours as necessary. Must be capable of regular, reliable, and timely attendance.

Specific lifting abilities required by this job include: Sedentary work. Exerting up to 10 pounds of force occasionally and/or negligible amount of force frequently or continuously to lift, carry, push, pull or sitting most of the time. Jobs are sedentary if moving about is only occasionally and all other sedentary criteria are met.

Work environment: Routinely perform work indoors in climate-controlled shared work area with moderate noise level. Willing to travel occasionally (less than 10 days per year) by automobile (as driver and passenger), commercial airlines, rental vehicles and public transportation and be able to lodge in public facilities. Must have proper licensing to operate a motor vehicle.

This description is not intended to be an all-inclusive list of responsibilities, duties, and requirements for employees in this position. Job descriptions may and do change periodically. Where positions are covered by a collective bargaining unit agreement, the terms and conditions of the agreement will apply.

About our Company: We are a customer, growth and safety focused utility company that is dedicated to our communities. We improve life with energy as an energy partner of choice. Our diverse culture fuels unique perspectives, opening doors to new insights and possibilities. Based in Rapid City, South Dakota, we have over 3000 employees and serve 1.3 million natural gas and electric utility customers across eight states (South Dakota, Montana, Wyoming, Colorado, Nebraska, Iowa, Kansas, and Arkansas).

Enjoy our Comprehensive Benefits Package!  Annual incentive program, 401(k) (6% company match and up to 9% company retirement contribution), tuition reimbursement, paid time off, additional Veteran PTO, paid holidays and annual floating holidays, company paid short term and long term disability, paid parental leave, health and wellness program, and competitive medical, dental and vision insurance.

Candidates must successfully pass a pre-employment drug screen and background check. 

Black Hills Energy does not sponsor applicants for work visas. All applicants must be legally authorized to work in the US.

We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, or status as a protected veteran.