The Data Security Architect will collaborate with security architects, technical leads, and other partners to design optimal data security technology capabilities that are secure, efficient, scalable, resilient, and adaptable to the organization's changing needs. This role provides architecture support, mentoring, and training to increase the maturity of our data security architecture practices and accelerate value creation.
The Data Security Architect will synchronize with the Data Security, Privacy, and Enterprise Data & Insights teams to ensure data flows of sensitive information are documented and recommend controls to ensure this data is adequately secured. The DataSecurity Architect facilitates threat modeling of services and applications to understand the risk and data associated with the service or application.
The Data Security Architect is expected to provide transformational guidance, tactical advice, and technical expertise in architecture deliverables related to securing data. This position will identify opportunities for processes and technical controls to mature data security access capabilities such as data loss prevention, encryption, data classification, and data handling across the information lifecycle.
The Data Security Architect is a thought leader who reviews current security measures and recommends enhancements to support the security strategy and enable the business. This role will engage with various partners to translate business objectives into security capabilities. The Data Security Architect will define target architectures and partner with the solution delivery teams to ensure that the business benefit is realized.
Here, we believe there’s not one path to success, we believe in careers that grow with you. Whoever you are or wherever you come from in the world, there’s a place for you at Sherwin-Williams. We provide you with the opportunity to explore your curiosity and drive us forward. Sherwin-Williams values the unique talents and abilities from all backgrounds and characteristics. All qualified individuals are encouraged to apply, including individuals with disabilities and Protected Veterans. We’ll give you the space to share your strengths and we want you show us what you can do. You can innovate, grow and discover in a place where you can thrive and Let Your Colors Show!
At Sherwin-Williams, part of our mission is to help our employees and their families live healthier, save smarter and feel better. This starts with a wide range of world-class benefits designed for you. From retirement to health care, from total well-being to your daily commuteit matters to us. A general description of benefits offered can be found at http://www.myswbenefits.com/. Click on “Candidates” to view benefit offerings that you may be eligible for if you are hired as a Sherwin-Williams employee.
Compensation decisions are dependent on the facts and circumstances of each case and will impact where actual compensation may fall within the stated wage range. The wage range listed for this role takes into account the wide range of factors considered in making compensation decisions including skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled.
The wage range, other compensation, and benefits information listed is accurate as of the date of this posting. The Company reserves the right to modify this information at any time, with or without notice, subject to applicable law.
Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable federal, state, and local laws including with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act where applicable.
Sherwin-Williams is proud to be an Equal Employment Opportunity/Affirmative Action employer committed to an inclusive and diverse workplace. All qualified candidates will receive consideration for employment and will not be discriminated against based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, pregnancy, genetic information, creed, marital status or any other consideration prohibited by law or by contract.
As a VEVRAA Federal Contractor, Sherwin-Williams requests state and local employment services delivery systems to provide priority referral of Protected Veterans.
Please be aware, Sherwin-Williams recruiting team members will never request a candidate to provide a payment, ask for financial information, or sensitive personal information like national identification numbers, date of birth, or bank account numbers during the application process.
Responsibilities:
Security architecture consulting on monthly security governance and DT P1/P2 projectsSupport design decisions during security solution development and deploymentLead proof of value (PoV) assessment on potential security toolsReview business processes from a security perspective and identify solutions to manage riskResearch and provide guidance on cyber policies and standardsMap cyber technical capabilities to the supported business capabilities Support reference architectures library (i.e., design requirements)Support reusable security patterns library (i.e., consumable security services)Support capability libraryAssist with roadmaps to mature security servicesAssist with compensating controlsEvaluate tool optimization and identify opportunities to improve efficiency and effectivenessBuild relationships and work closely with partners such as Data Security and other security service families, DT Infrastructure & Operations, Application Development, IT Risk Management, Compliance, and Internal AuditPartner with the Global Transformation Office and Enterprise Data & Insights team to align security data architecture with the enterprise data strategy
Additional Responsibilities
Guide decisions on security capabilities and designAlign security services to address the highest risks and support business objectivesSupport evaluation criteria for security technology proof of valueEstablish and maintain current state and target state architecturesAdvocate and promote architecture principles and design requirementsMonitor emerging products, technologies, and best practices to improve security maturityPromote the use of industry and SW security standards.Mentor security engineers and analysts
This position is not eligible for sponsorship for work authorization now or in the future, including conversion to H1-B visa.
This position has a hybrid work schedule with three days in the office and the option for working remotely two days.
Job duties include contact with other employees and access confidential and proprietary information and/or other items of value, and such access may be supervised or unsupervised. TheCompany therefore has determined that a review of criminal history is necessary to protect the business and its operations and reputation and is necessary to protect the safety of the Company’s staff, employees, and business relationships.Formal Education
Required
Bachelor’s degree (or foreign equivalent) in a Computer Science, Computer Engineering, or Information Technology field of study (e.g., Information Technology, Electronics and Instrumentation Engineering, Computer Systems Management, Mathematics) or equivalent experience.
Preferred
Master’s degree in Computer Science, Cyber Security, Information Technology, Risk Management, or related field; or equivalent experienceExperience with security architecture frameworks such as SABSACertifications: CISSP, CISA, or CRISCTOGAF, CEAP, CISSP, CIA, CDCP, CCSP, CEH, CompTIA, Cloud Architecture (AWS/Azure/Google) or similar certifications a plus.CSM, SAFe, ITIL, APQC, or similar training/certifications a plus.
Knowledge and Experience
Required Qualifications:
12+ years of experience in Information Security IT, IT risk management, or Information Technology (IT)8+ years designing and implementing complex security, audit and compliance systemsExperience conducting proof-of-concepts, developing prototypes, or building reference models.Experience working in the Manufacturing or Consumer Products industryAbility to understand complex technical concepts and translate them for a non-technical audience
Preferred Qualifications
5+ years of hands-on experience applying systems thinking to create documentation, technical models, reference architecture, whitepapers, and presentations for use by all levels of management, functional, and technical staff.Experience developing and governing architecture standards and principlesExperience with common technology control and risk management frameworks like NIST CSF, NIST PF, ISO 27000 series, SOC 2, and compliance regimes like Sarbanes Oxley, GDPR, CCPA, etc.Experience in developing security, audit, and compliance architectures for large-scale, high-risk, strategic projects/productsExperience in securing Cloud Platforms2 years’ experience with data loss prevention (DLP) technologies5 years’ experience on data security, data management, or related data projects.Experience designing practical security, compliance and audit strategies and communicating the vision to a community of stakeholdersExperience applying international constraints and context to enterprise architectureExperience in applying systems and design thinking methodology to architecture practices
Personal Attributes
Strong commitment to inclusion and diversityExcellent communication, presentation, and interpersonal skillsAbility to concisely present ideas and security risks to both technical and business audiencesEffective change agentStrong analytical, conceptual, and problem-solving abilitiesAbility to interact with a broad cross-section of personnel to advocate and influence security measuresExcellent customer service orientation.Ability to observe business, understand pain points and recommend innovative & transformation solutions with strong ROIPromotes collaboration and continuous improvementUp to 10% travel as required (domestic and international).Work hours outside the standard office 7.5-hour workday may be required.