Lead Application Security Architect (Hybrid)
07/25/2024Locations East Berlin, Connecticut; Westwood, Massachusetts
Job Description
Lead Application Security Architect (Hybrid)
07/25/2024Locations: East Berlin, Connecticut; Westwood, Massachusetts
Lead Application Security Architect (Hybrid)
This is a hybrid role. The first three months are fulltime in the office.
Our Team
Manage the activities of a team of Application Security specialists across multiple projects and collaborate across multiple business lines and technical domains in the architecture function to execute critical initiatives of the function. Expertise is applied cross-functionally to drive the ideation, adoption, and implementation of technical methods within various teams and aid the firm in remaining at the forefront of industry trends, best practices, and technological advances in application cybersecurity. Must work seamlessly with the Eversource developers to ensure the successful adoption of required security approaches and capabilities.
Essential Functions:
- Cultivate security culture with your product technology and business colleagues. Build a vision around the next level of security maturity for application developers, with inputs from the security organization and work with Cyber Security leadership to deliver on that idea. This vision must enable business outcomes and continuously raise the security bar and not one or the other.
- Serve as an application security thought leader. Learn from your many projects and cybersecurity teams and share best practices in both directions. Be recognized in the enterprise as the clear point of escalation and subject matter expert for Application Security and associated IT Risk. Serve as a cyber risk advisor to the leadership team and help prioritize initiatives with the greatest ROI.
- Act with urgency managing emerging issues. Proactively monitor Key Risk Indicators to ensure issues are identified, quantified, communicated, and managed in a timely manner, including recommendations for resolution, and identifying the root cause/key themes.
- Enable and partner with application architects and engineering leaders to design secure, scalable, and resilient applications.
- Leads Application Security for multiple cybersecurity architecture and process implementations across business lines to achieve security objectives.
- Fosters a culture of innovation, collaboration, and continuous improvement within the Application Security team.
- Acts as the primary interface with senior leaders, stakeholders, and executives to drive consensus across competing cyber security objectives.
Technical Knowledge/Skill/Education/Licenses/Certifications:
- Has experience with and is fluent in expressing security concerns within the following languages: VB .Net, Python, YAML, Terraform
- Exhibits an exceptional degree of ingenuity, creativity and/or resourcefulness.
- Applies extensive organizational and/or project management expertise and has full knowledge of other related disciplines.
- May be viewed as expert within a given field.
- Formal training or certification on software engineering concepts and 5+ years applied experience.
- Experience running teams of architects that design cybersecurity solutions operations on cloud-based platforms and applications.
- Hands-on practical experience delivering enterprise level planning, design, and implementation of enterprise-level security solutions and controls related to:
- Secure Software Development Life Cycle (SSDLC) (e.g. code review, risk assessments, threat modeling, static code analysis, and dynamic application scanning)
- Modern Security Engineering/Architecture practices (e.g. micro services, containers, orchestration, continuous integration & delivery pipelines, API first, service delivery & integration, OWASP Top 10)
- Solution Development & Delivery
- Hands-on practical experience in cybersecurity architecture that can be applied and repeated across businesses, functions, and systems. Experience reviewing and securing cybersecurity products and solutions for public cloud-based applications and infrastructure, external-facing web-based solutions, and mobile.
- Experience growing and leading large, cross-functional teams of technologists.
- Subject matter expertise in multiple security domains (e.g., mobile, application security, vulnerability reduction, data protection, encryption, logging and monitoring, network security, etc.)
- Demonstrated prior experience influencing across highly matrixed, complex organizations and delivering value at scale.
- Experience leading complex projects and supporting system design, testing, and operational stability.
- Experience hiring, developing, and recognizing talent.
Experience:
10 years related experience that includes 5 years of Senior level cyber security experience and:
- Experience in Cross Domain Solutions
- Familiarity with Zero-Trust Architecture
- Must have excellent communications and interpersonal skills and should be able to convey technical aspects to personnel who may not be well-versed in those areas.
- Experience working in regulated industries, in particular leveraging technology standards, frameworks, compliance, and industry recognized best practice / standards (e.g. NIST, ISO, PCI, SOC, CIP).
- Exposure to projects using an Agile methodology and DEVSECOPS environment.
- Experience leading mid to large security initiatives and managing small teams.
- Should have experience scripting and coding.
Licenses & Certifications:
- Certification in Public Cloud Technology from one of the major Cloud Service Providers (e.g. AWS Certified Solutions Architect, Microsoft Azure Architect, Google Cloud Architect) or prominent independent organization such as ISC2.
- Systems Security Certified Practitioner (SSCP) certification
- Certified Information Systems Security Professional (CISSP)
Education:
Bachelor’s Degree in Engineering, Computer Science, Data Science, Information Technology or related experience
#LI-NM1
#corpajd
Compensation and Benefits:
Eversource offers a competitive total rewards program.Check out our careers site for an overview of our benefits programs. Salary is commensurate with your experience. This position is eligible for a potential incentive.The annual salary range for this position is:
$156,260.00-$173,620.00Worker Type:
RegularNumber of Openings:
1Emergency Response:
Responding to emergency situations to meet customers’ needs is part of every employee’s role. If employed, you will be given an Emergency Restoration assignment. This means you may be called to assist during an emergency outside of your normal responsibilities, work hours and location.
EEO Statement:
Eversource Energy is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to age, race, color, sex, sexual orientation, gender identity, national origin, religion, disability status, or protected veteran status.
VEVRRA Federal Contractor
Overview
Eversource is always looking for employees who share the values that help make us one of the leading energy companies in the country. Our Corporate areas work collaboratively and strategically with all areas of the business to set policy and drive strategic direction. We create value for our business areas by delivering consistent, quality, cost-effective services, and leading change to build a more engaged workplace and a performance culture. You'll have a variety of opportunities to further your career. We have a great working environment, excellent compensation and benefit programs, and opportunities for growth and development.
Learn more about careers in IT, Finance/Accounting, Legal, Human Resources and Corporate Relations.
About us
We are Eversource
Electric Operations is committed to providing safe and reliable electric service to Eversource customers. The organization is comprised of the following 5 major groups., Electric Field Operations, Emergency Preparedness, Planning and Scheduling, and Substation Operations and Field Engineering and Communications.
Meet Snimar
Snimar Chhabra, Director of Enterprise Data and Advanced analytics, shares why she loves helping Eversource make decisions based on data.
Success Profile
What makes a successful Corporate member?
Check out the top traits we're looking for and see if you have the right mix.
- Collaborative
- Customer Focus
- Team Player
- Adaptable
- Detail Oriented
- Positive
Culture
Our goal is to remain the best energy company in the nation, and to be the first with carbon-neutral operations by 2030.
We will achieve this by embracing perspectives our employees bring to the table. We are committed to:
- Fostering a workplace where all employees, customers, and stakeholders are respected and valued.
- Leveraging the unique talents, perspectives, and life experiences of every employee to drive our ongoing success.
- Attracting, developing, and retaining a workforce capable of meeting the evolving needs of our customers while delivering reliable energy and exceptional service.
Over the past year, Eversource and employees contributed:
103 events with more than 23,000 hours and 4,900 employees—that's what Eversource volunteers accomplished in 2021 to help our communities across CT, NH, and MA. Whether it was collecting food for the holidays, passing out food in a local kitchen, or pulling trash out of the Connecticut River, we were there. Take a look at some highlights in this video.
Employee Testimonials
Manius,
Staff Accountant
Meet Manius
“I joined Eversource in the hopes to grow and become more than what’s expected. To challenge myself in an environment, work family oriented, and most importantly an accounting method that took me out of my comfort zone. To grow, better yet define who I will be, and this has streamed my ambition to explore and introduce my skillsets to become an asset to the company. I am me, I am different in all aspects, I will continue to learn and grow. Most importantly I will push for change, more modern development to catchup to the forever changing era. I am Manius, l Staff Accountant in Plant Accounting and a Co-Lead to the Multicultural BRG, my head held high with respect to everyone.”
Kara, Manager of Financial
Planning & Budgets
Meet Kara
“I joined Eversource 11 years ago as an intern in the Accounting division and then full time after graduating from Roger Williams University with a degree in Accounting. It was an easy decision to work here because I felt the culture was a perfect fit for me. Eversource puts its customers and employees first and I find there is a great work life balance here.
In my current role as Manager of Financial Planning & Budgets, I support multiple organizations to help them achieve their business objectives, strategic initiatives, and remain on track with their budget goals. While doing so, I learn a lot about different organizations and get to work with a diverse group of individuals. There is so much to learn about Eversource and the Utility industry and I continue to be challenged and learn something new every day.”
Job Description
Lead Application Security Architect (Hybrid)
07/25/2024Locations: East Berlin, Connecticut; Westwood, Massachusetts
Lead Application Security Architect (Hybrid)
This is a hybrid role. The first three months are fulltime in the office.
Our Team
Manage the activities of a team of Application Security specialists across multiple projects and collaborate across multiple business lines and technical domains in the architecture function to execute critical initiatives of the function. Expertise is applied cross-functionally to drive the ideation, adoption, and implementation of technical methods within various teams and aid the firm in remaining at the forefront of industry trends, best practices, and technological advances in application cybersecurity. Must work seamlessly with the Eversource developers to ensure the successful adoption of required security approaches and capabilities.
Essential Functions:
- Cultivate security culture with your product technology and business colleagues. Build a vision around the next level of security maturity for application developers, with inputs from the security organization and work with Cyber Security leadership to deliver on that idea. This vision must enable business outcomes and continuously raise the security bar and not one or the other.
- Serve as an application security thought leader. Learn from your many projects and cybersecurity teams and share best practices in both directions. Be recognized in the enterprise as the clear point of escalation and subject matter expert for Application Security and associated IT Risk. Serve as a cyber risk advisor to the leadership team and help prioritize initiatives with the greatest ROI.
- Act with urgency managing emerging issues. Proactively monitor Key Risk Indicators to ensure issues are identified, quantified, communicated, and managed in a timely manner, including recommendations for resolution, and identifying the root cause/key themes.
- Enable and partner with application architects and engineering leaders to design secure, scalable, and resilient applications.
- Leads Application Security for multiple cybersecurity architecture and process implementations across business lines to achieve security objectives.
- Fosters a culture of innovation, collaboration, and continuous improvement within the Application Security team.
- Acts as the primary interface with senior leaders, stakeholders, and executives to drive consensus across competing cyber security objectives.
Technical Knowledge/Skill/Education/Licenses/Certifications:
- Has experience with and is fluent in expressing security concerns within the following languages: VB .Net, Python, YAML, Terraform
- Exhibits an exceptional degree of ingenuity, creativity and/or resourcefulness.
- Applies extensive organizational and/or project management expertise and has full knowledge of other related disciplines.
- May be viewed as expert within a given field.
- Formal training or certification on software engineering concepts and 5+ years applied experience.
- Experience running teams of architects that design cybersecurity solutions operations on cloud-based platforms and applications.
- Hands-on practical experience delivering enterprise level planning, design, and implementation of enterprise-level security solutions and controls related to:
- Secure Software Development Life Cycle (SSDLC) (e.g. code review, risk assessments, threat modeling, static code analysis, and dynamic application scanning)
- Modern Security Engineering/Architecture practices (e.g. micro services, containers, orchestration, continuous integration & delivery pipelines, API first, service delivery & integration, OWASP Top 10)
- Solution Development & Delivery
- Hands-on practical experience in cybersecurity architecture that can be applied and repeated across businesses, functions, and systems. Experience reviewing and securing cybersecurity products and solutions for public cloud-based applications and infrastructure, external-facing web-based solutions, and mobile.
- Experience growing and leading large, cross-functional teams of technologists.
- Subject matter expertise in multiple security domains (e.g., mobile, application security, vulnerability reduction, data protection, encryption, logging and monitoring, network security, etc.)
- Demonstrated prior experience influencing across highly matrixed, complex organizations and delivering value at scale.
- Experience leading complex projects and supporting system design, testing, and operational stability.
- Experience hiring, developing, and recognizing talent.
Experience:
10 years related experience that includes 5 years of Senior level cyber security experience and:
- Experience in Cross Domain Solutions
- Familiarity with Zero-Trust Architecture
- Must have excellent communications and interpersonal skills and should be able to convey technical aspects to personnel who may not be well-versed in those areas.
- Experience working in regulated industries, in particular leveraging technology standards, frameworks, compliance, and industry recognized best practice / standards (e.g. NIST, ISO, PCI, SOC, CIP).
- Exposure to projects using an Agile methodology and DEVSECOPS environment.
- Experience leading mid to large security initiatives and managing small teams.
- Should have experience scripting and coding.
Licenses & Certifications:
- Certification in Public Cloud Technology from one of the major Cloud Service Providers (e.g. AWS Certified Solutions Architect, Microsoft Azure Architect, Google Cloud Architect) or prominent independent organization such as ISC2.
- Systems Security Certified Practitioner (SSCP) certification
- Certified Information Systems Security Professional (CISSP)
Education:
Bachelor’s Degree in Engineering, Computer Science, Data Science, Information Technology or related experience
#LI-NM1
#corpajd
Compensation and Benefits:
Eversource offers a competitive total rewards program.Check out our careers site for an overview of our benefits programs. Salary is commensurate with your experience. This position is eligible for a potential incentive.The annual salary range for this position is:
$156,260.00-$173,620.00Worker Type:
RegularNumber of Openings:
1Emergency Response:
Responding to emergency situations to meet customers’ needs is part of every employee’s role. If employed, you will be given an Emergency Restoration assignment. This means you may be called to assist during an emergency outside of your normal responsibilities, work hours and location.
EEO Statement:
Eversource Energy is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to age, race, color, sex, sexual orientation, gender identity, national origin, religion, disability status, or protected veteran status.
VEVRRA Federal Contractor
Benefits
Eversource employees are committed to providing reliable energy and superior customer service—and that's why we are committed to providing our employees with a highly competitive total rewards package. In addition to wages and salaries, the benefit programs Eversource offers its employees and family members are a significant part of the total rewards.
