Prin Cyber Security Architect
Not Disclosed•Full-TimeOn-site
location_on2104, Division Street, Druid Heights, Baltimore, Maryland, 21217, United States
Who We Are
As the largest private-sector power producer in the world and the nation's largest producer of clean and reliable energy, Constellation is focused on our purpose: lighting the way to a brilliant tomorrow for all. We have been the leader in clean energy production for more than a decade, and we are cultivating a workplace where our employees can grow, thrive, and contribute.
Now integrated with Calpine, our portfolio includes 55 gigawatts of capacity from nuclear, natural gas, geothermal, hydro, wind, and solar facilities, with the generating capacity to power the equivalent of 27 million homes. Our culture and employee experience make it clear: We are powered by passion and purpose. Together, we're creating healthier communities and a cleaner planet, and our people are the driving force behind our success. At Constellation, you can build a fulfilling career with opportunities to learn, grow, and make an impact. By doing our best work and meeting new challenges, we can accomplish great things. Join us in meeting the country's energy needs today and tomorrow.
Work location
Work model: On-site
2104, Division Street, Druid Heights, Baltimore, Maryland, 21217, United States
Baltimore, Maryland
Key Responsibilities
- check_circleProvide technical expertise to identify security solutions and develop reference architectures
- check_circleTranslate technology and regulatory conditions into security designs and IT/OT processes
- check_circleProvide guidance on secure application development, risk management, and security policies
- check_circleDesign and develop enterprise-wide security architecture and strategy aligned with business goals
- check_circleAdvise IT leadership on strategic security technology plans and translate capabilities into requirements
- check_circleMonitor security trends and evaluate new technologies for potential business impact
- check_circleEstablish and maintain relationships with business and IT partners while communicating status to stakeholders
Requirements
- verifiedBachelor's Degree in Computer Science, IT, or related discipline
- verified8+ years of experience in cyber security architecture and design
- verifiedExpert knowledge of authentication, authorization, access control
- verifiedExpert knowledge of computer algorithms
- verifiedExpert knowledge of encryption algorithms
- verifiedExpert knowledge of cryptography and cryptographic key management
- verifiedExpert knowledge of database systems
- verifiedExpert knowledge of embedded systems
- verifiedExpert knowledge of system fault tolerance methodologies
- verifiedExpert knowledge of system component installation, integration, optimization
- verifiedExpert knowledge of human-computer interaction principles
- verifiedExpert knowledge of cybersecurity principles
- verifiedAbility to design architectures and frameworks
- verifiedSkill in applying cybersecurity methods (firewalls, DMZs, encryption)
- verifiedExpert knowledge of network access, identity, and access
Nice to Have
Graduate degree in cyber security or related area of expertise. Relevant security certifications (CISSP, CISM, SABSA, GIAC). Demonstrated experience and subject matter knowledge in cyber and information security for applications, web architectures, operating systems, databases, and networks. Experience and proven capabilities in application risk assessment, application security architecture development, web application security, and application security testing. Demonstrated experience in security architecture risk assessment, requirements development, secure design analysis, architecture assessment and development, and security testing of applications and systems. Extensive experience developing, evaluating, and implementing cyber and information security architectures, technologies, standards, and practices to secure applications and IT systems. Demonstrated knowledge and experience in the implementation of governance frameworks and security risk management processes, such as NIST, ISO, and COBIT guidelines and standards. Demonstrated experience in addressing regulatory compliance for the security requirements in applicable laws and regulations, such as NERC CIP, SOX, PCI DSS, and HIPAA. Solid understanding and experience with security development lifecycle (SDL) processes for internally developed applications, including the web-based and Internet facing components. Expert knowledge and experience in application security standards, methodologies, and technologies. Solid capability to assess application and web architectures and operating systems for vulnerabilities and develop appropriate security countermeasures. Solid knowledge and experience with IT security aspects of operating systems, Active Directory, database (SQL) access, LDAP, Microsoft SharePoint, and web server configurations. Experience in assessing, configuring, and testing security applications and systems, such as Cisco firewalls, security appliances, IDS/IPS, SSL or TLS, IPSec, and web services security.
Benefits & Perks
check_circle401(k) with company matchcheck_circleEmployee stock purchase programcheck_circleComprehensive medical, dental, and vision benefitscheck_circleRobust wellbeing programscheck_circleDisability and life insurance benefitscheck_circlePaid time off for vacation, holidays, and sick dayscheck_circleBonus program for eligible employees
