LafargeHolcim

Returning Candidate?

Regional Security Architect

Regional Security Architect

Requisition ID 
2017-3595
# of Openings 
1
Job Locations 
CA-ON-Concord
Category 
Information Technology
Product Line 
Corporate
Travel 
30%

More information about this job

Why work for Lafarge?

Lafarge in Canada is proud to provide construction solutions in the buildings, infrastructure and industrial segments. These solutions are built with high performance products from our cement, aggregates, ready-mix concrete, asphalt and road construction, and concrete products divisions.  From the use of alternative materials and recycling to renewable energy, Lafarge's focus is to develop innovative products that can contribute toward sustainably constructed building solutions.  Lafarge takes personal growth and development to heart, and provides resources for our employees to take control of their own careers. Through our commitment to communities, to the health and safety of our employees and their families, or through the many volunteer hours of our employees, Lafarge demonstrates our care for people. If you want to work in an environment that values hard work, entrepreneurship, and collaborative teamwork, Lafarge is for you.   Building Better Cities is what we do. Come Build a Better Career with us!  More information can be found at www.lafarge-na.com/careers .

 

Overview

The Regional Security Architect is responsible for coordination of the design, build and run of information security technical solutions within the North American region.  S/he will primarily plan and develop solutions that will align with key strategic business initiatives & requirements, Group Standard Information Security Framework and operational efficiency.  The overall target for this position includes:

 

  • Serves as the regional IT Security technical expert and the single point of contact for the region to provide leadership and technology guidance for all technical security services and solutions.
  • Coordination with Business Engagement, Enterprise Architecture (EA) and Infrastructure & Operations (I&O) team for the plan, design, build and production readiness of security solutions supporting mission critical production environments and applications.
  • Responsible for protecting the confidentiality of data, ensuring data integrity, and ensure availability of systems and data by the business in the region.
  • Ensuring that information security standards and procedures are aligned with Group Standard Information Security Framework with appropriate exceptions for business operations.
  • Active participation in the Global IT Security Working Group to champion potential technical security solutions and evolution of Global directives to align with regional business requirements.

Responsibilities

IN ACTIVITIES / RESPONSIBILITIES

  • Work on highly complex solutions that require in-depth knowledge within the security domain and appropriate application in a manufacturing business environment becoming increasingly and rapidly digital.
  • Analyze and follow-up on security attack vectors, threats and risks, ensure tracking, remediation and prevention of future occurrences.
  • Interpret and implement technical requirements and policies to ensure compliance with Global Security Framework and directives while advocating for regional priorities to highlight where compliance constrains business.
  • Coordinate regional security initiatives with and on behalf of the Head of Global I&O Security.
  • Interface with Regional ITSM and I&O in region to ensure patching and updates to applications and image for endpoints.
  • Review new security technologies, help select third party suppliers, and create solutions to effectively mitigate security threats/risks.
  • Provide information security support for demands and projects from business functions/stakeholders.
  • Conduct regular review of various system logs and output tools for security findings, evaluate risk findings and recommend remediation.
  • Responding to security incidents (L2 & L3) and report to appropriate parties.
  • Coordination of Antivirus, IDS/IPS, vulnerability analysis, firewall policies and threat intelligence services for the region with Global Security Operations Center (SOC).
  • Coordinate the build of security measures to protect computer systems, networks and data in with I&O in region.
  • Establishing a culture of information security awareness and risk prevention.
  • Collaborating with other key IT roles to ensure information security measures do not prevent the users executing their duties.
  • Establishing constant vigilance over critical information assets.

 

JOB DIMENSIONS

Portfolio:

Budget: NA

Key figures: (e.g. IT User, IT Sites, Cluster, Countries, and Businesses)

Direct Reports: NA

Key interfaces, stakeholder and relationships

Internal:

  • Reporting directly to ITSC Region Head of IT Security & Compliance and indirectly to Global I&O Head of Security
  • Interface frequently with Head of GCDC Region Head of Delivery Services for coordination of Global I&O Security services
  • Project Managers, I&O Operations Managers and technical team, Peers in the other Regional ITSCs

External: Consulting Companies; Service Providers.

Qualifications

Level of education/qualifications normally required:

  • Bachelor’s degree in Computer Science, Engineering, or related discipline with an IT focus.
  • Certifications: CISSP, CISM, CISA, CRISC ITIL, CMMI, ISO 27001

Specific work experience:

  • Minimum of 7 years of exposure to information, computer, in at least three security domains such as: Access control, Telecommunications and Network Security, Information Security Governance and Risk Management, Software Development Security, Cryptography, Security Architecture and Design, Operations Security, Business Continuity and Disaster Planning, Legal, Regulations and Compliance, Physical (Environmental) Security.
  • Minimum of Experience with one or more of the following:
    • Experience with scripting such as UNIX shell, Powershell, Perl and/or VB
    • Experience with networking tools such as Cacti, Netflow or SolarWinds
    • Experience with monitoring and syslogging tools such as Snort and/or Splunk
    • Exposure to forensic security tools such as Wireshark, Windows Event Logs
  • Demonstrated proficiency working with multiple operating systems including Linux, Unix and Windows Vista/7, 2003/2008.
  • Demonstrated knowledge of IP networking, networking protocols and an understanding of security related technologies including encryption, IPSEC, VPN, firewalls, proxy services, DNS, electronic mail and access lists.
  • Experience in implementing Policies and Procedures in compliance with Information Security Management System Standards (ISO 27000 series).
  • Experience coordinating and completing multiple tasks within established and changing deadlines
  • Must be able to work independently and proactively and possess an ability to contribute and collaborate effectively as a member of a highly-functioning and productive team.
  • Excellent organizational, analytical, and independent problem solving skills.
  • Demonstrated excellent oral and written communication skills necessary to interact effectively with colleagues and with users of varying technological skill levels.
  • Extensive experience in delivering IT security projects, assessments and audits and building and/or running IT Security teams.
  • Practical experience of risk assessments & risk management.
  • Practical experience of incident handling & response.

Technical / functional skills:

  • Ability to conduct research into security issues and products and provide threat intelligence.
  • Strong knowledge and understanding of cloud, networking & application security.
  • Ability to run information security audits.
  • Profound knowledge of ISO 27001/2 standard.
  • Profound project management skills.

Behavioral competencies:

  • Ability to work decisively under heavy workload considering the criticality, urgency and extended work hours required to ensure availability of the service in accordance to service level commitments
  • Analyzes issues and problems to make sound decisions on daily activities.
  • Ability to collaborate with multi-cultural and multi-located teams
  • High willingness to drive transformation and service improvement
  • Strong customer / end-user / client service orientation
  • Highly self-motivated and directed
  • Keen attention to detail
  • Capability for problem solving, decision making, sound judgment, assertiveness
  • Viewed as an expert and provides knowledge and counsel to others.

 

Leadership and managerial abilities:

  • Ability to communicate effectively to senior managers in all line of business.
  • Cultivates relationships and networks across organizational streams.
  • Manages execution to ensure work is completed to achieve the stated goals.
  • Leads for performance to ensure appropriate processes, methods and quality standards are applied.
  • Ability to champion new initiatives and technologies – “Change Leader.”

Linguistic skills:

  • Excellent English (written & spoken) - other languages are a plus

Mobility requirements:

  • Travels ~30% (estimate)
  • Location: Toronto

LafargeHolcim

Why work for us?

 

Working for Lafarge offers a wide variety of career opportunities that utilize your abilities and skills to contribute to a better world. In addition to local and global developmental opportunities, we provide employees with competitive compensation, a comprehensive benefits plan, a health & wellness program with financial incentives, an extensive global e-learning platform and much more!  More information can be found at www.lafarge-na.com/careers

 

www.lafarge-na.com

www.lafargeholcim.com

We thank you for your interest.  Only candidates selected for an interview will be contacted.  LafargeHolcim is committed to the principles of employment equity and encourages the applications from women, visible minorities, and persons with disabilities.