Principal Architect, Information Security

The Opportunity:

Avantor’s Principal Cybersecurity Architect is the recognized subject matter expert who has major responsibilities for the design, implementation, support, and documentation of cyber and network security solutions. This individual will be working with a team that is responsible for security operations, data protection, endpoint security, network security, security monitoring, incident response and vulnerability management solutions and technologies in a rapidly changing organization. This role will apply leading practice design, implementation and operation of security service solutions, policies, and emerging technology to meet and respond to the ever-present threat to the organization’s data and infrastructure. The position will ensure that all technologies are architected appropriately, operationally ready and documented for the operational teams to execute on capabilities.

What we're looking for

• Education: Bachelor’s degree in computer science or related field, or equivalent education/experience.
• Experience: 5-10 years of experience architecting cybersecurity solutions.
• Advanced knowledge and experience with solving highly technical problems as well as in building and architecting secure solutions to solve those complex problems required.
• Industry certifications such as CISSP, CCSP or equivalent.
• AWS certifications– especially Cloud Security Engineer or Cloud Security Architect.
• Azure certifications also a plus; We will train if necessary.
• Security architecture experience: demonstrating solutions delivery, principles, and emerging technologies. Designing and implementing security solutions. This includes:
• Continuous monitoring and making improvements to those solutions.
• Working with the business, with the operational information technology teams, and the information security team and vendors.
• Experience with and the ability to work in a maturing environment where standards, processes and procedures are being crafted.
• Consulting and engineering experience in the development and design of security leading practices and implementation of security principles across the organization, to meet business goals aligned with customer and regulatory\organizational requirements.
• Experience advanced security technologies such as SASE, IAM, EDR, SIEM
• Experience with Zero Trust architecture such as Zscaler ZPA or Netskope Private Access or similar technologies.
• Experience in security considerations for cloud computing control, SaaS, PaaS and\or IaaS. Requirements include but aren't limited to: interfaces, system development, security design, APIs, data breaches, authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks.
• Knowledgeable in Enterprise Architecture standards and practices including the ability to translate customer business needs into Network and Security standards and requirements.
• Provides guidance, mentoring and training to the broader IS Security team.
• Knowledge and experience both working in and helping to secure OT (Operational Technology) environments. A …