Website The Estée Lauder Companies Inc.
The ECR Engineering Architect, Director is responsible for security oversight, architecting, and engineering of Estee Lauder’s environment. This will encompass supporting security assessments of infrastructure and applications, and defining security standards, developing and implementing security controls using Agile techniques.
This position will directly contribute to the overall ELC’s Global digital stance. This role will also provide security solutions around Applications, Infrastructure, Platform, and Cloud Services (IaaS/PaaS/SaaS).
- Maintain currency of new and emerging security threats, security frameworks, and regulations
- Supports assessments of critical security controls for the company’s cloud-based business applications and remediate security gaps conducted by the Senior Technical Director of Application Security.
- Participates in the review of design principles and controls relating to third party solution providers.
- Designs security reference architectures and associated security principles to support business projects, including necessary integration points across ECR,
- Validates efficacy of configurations in support of Cybersecurity Threat Management Center (CTMC) monitoring of security on systems deployed in the cloud
- Ensures ELC’s Application Security framework.
- Works with ELC’s Engineering, Infrastructure Services, and Application Development organizations to choose appropriate technology solutions and facilitates complete integration into the application environments
- Evaluates designs and implements new cloud technology and processes to mature security controls.
- Designs and develop security architectures for the public (Azure, AWS, GCP, Alibaba) and hybrid clouds
- Builds template plans to assist with application migrations into different cloud deployment models.
- Excellent oral and written communication skills.
- Broad technical security skills in multiple technology areas such as applications deployments, endpoints, data, infrastructure, cloud, DNS, PKI,
- Email, OS (Windows, MAC, *NIX), SDN, encryption, forensics, authentication, firewalls, proxies, identity and access control, BC/DR, remote access, and cryptography.
- Ability to engage and articulate with Executive Management, Legal, Risk, 3rd-party, and IT teams.
- Self-motivated with a strong ability to work and maintain currency in a changing landscape.
- Ability to develop and document methods, standards, and guidelines.
- Conversant in cybersecurity, assurance, and audit standards/models/frameworks such as ISO27001, NIST, COBIT, DRII CBK, Six Sigma, ITIL, PCI, SOX, FDA, HIPAA, PII, etc.
- CISSP and/or CISM
- Undergraduate-level in Computer Science/Cybersecurity or equivalent professional experience
- Demonstrated experience with utilizing and migrating to one or more cloud technologies such as Microsoft Azure, and AWS. Knowledge of
- Google Cloud Platform, Alibaba Cloud, and Microsoft Office 365 is a plus.
Company: The Estée Lauder Companies Inc.
Vacancy Type: Full Time
Job Location: New York, NY, US
Application Deadline: N/A