Vanderbilt's Security Architecture team provides technical expertise in information security and risk management in the creation, planning, design and implementation of current and new projects, ventures, and systems across VU to ensure systems meet university goals and are resilient to cyber-attacks.
The Senior Security Architect - Security Architecture will work with the Lead Security Architect and have direct reporting to the Security Governance and Architecture Director. In this role you'll play a critical role in building and maintaining the university's security architecture aligned to industry best practices. The Senior Security Analyst will be required to be knowledgeable of university objectives, risk management efforts, and balance these with security technologies and services.
Duties and Responsibilities
Reporting to the Security Governance and Architecture Director this role will perform the following functions:
Develop and maintain security architecture that enables the university to develop and implement security solutions and capabilities that are clearly aligned with business, technology, and threat drivers;
Provide initial review and analysis of information security plans and roadmaps based on enterprise architecture best practices;
Draft initial and maintain completed security architecture artifacts, strategic plans, and data flow diagrams (e.g., models, templates, standards, and procedures);
Synthesize developments and changes in the digital business and threat landscape to ensure updates are appropriately addressed in security plans and architecture artifacts;
Participate in IT projects or initiatives to provide security-planning advice and perform security architecture review for new technology projects;
Support security reviews in coordination with application development teams to emphasize secure coding practices; and
Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable.
Knowledge of IT infrastructure: applications, databases, operating systems -- Windows, Unix and Linux, hypervisors, IP networks, storage networks, backup networks and media;
Working knowledge of network architecture, implementing encryption standards, and remote access protocols (e.g., network segmentation, SASE, NAC). Working technical knowledge of Zero Trust architecture and implementation strategy preferred;
Experience with cloud-based security architecture, containerization and deploying applications and infrastructure into public cloud services. Specific vendor and application experience with Microsoft (e.g., O365) or AWS preferred;
Working knowledge of IT service management (e.g., ITIL-related disciplines): change management, configuration management, asset management, incident management;
Experience in deployment of applications and infrastructure into public cloud services;
Experience evaluating and deploying cloud solutions (IaaS, SaaS, etc.), digital platforms, mobile applications or tools, and other newer technologies;
Knowledge of at least one of the following: NIST Cybersecurity Framework (CSF), ISO/IEC 27001/2, CIS Top 20 Controls, NIST SP 800-53, NIST SP 800-171, Revision 2, DoD CMMC;
Strong written and verbal communication skills, interpersonal and collaborative skills; and
Implementation of security initiatives, plans and strategies.
Bachelor's Degree in Computer Science, Information Technology, Engineering, or related fields from an accredited 4-year college or university desired; other bachelor's degrees combined with extensive cybersecurity experience may be acceptable;
Two to three years of cybersecurity experience across areas of cybersecurity;
Desire to pursue architecture certifications such as SANS SEC530: Defensible Security Architecture and Engineering, Sherwood Applied Business Security Architecture (SABSA), Zachman and/or The Open Group Architecture Framework (TOGAF); and
At Vanderbilt University, we are intentional about and assume accountability for fostering advancement and respect for equity, diversity, and inclusion for all students, faculty, and staff. Our commitment to diversity makes us who we are. We have created a community that celebrates differences and lets individuality thrive. As part of this commitment, we actively value diversity in our workplace and learning environments as we seek to take advantage of the rich backgrounds and abilities of everyone. The diverse voices of Vanderbilt represent an invaluable resource for the University in its efforts to fulfill its mission and strive to be an example of excellence in higher education.
Vanderbilt University is an equal opportunity, affirmative action employer. Women, minorities, people with disabilities, and protected veterans are encouraged to apply.
Please note, all candidates selected for an offer of employment are subject to pre-employment background checks, which may include but are not limited to, based on the role for which they have been selected: criminal history, education verification, social media review, motor vehicle records, credit history, and professional license verification.
Internal Number: 10000895
About Vanderbilt University
Vanderbilt University is a center for scholarly research, informed and creative teaching, and service to the community and society at large. Vanderbilt will uphold the highest standards and be a leader in the quest for new knowledge through scholarship, the dissemination of knowledge through teaching and outreach, and the creative experimentation of ideas and concepts. In pursuit of these goals, Vanderbilt values most highly intellectual freedom that supports open inquiry, equality, compassion, and excellence in all endeavors.