MINIMUM QUALIFICATIONS:

• 10+ years of information technology experience, with a BA or BS degree in computer science, MIS, or equivalent
• 5+ years of cyber security

EXPERIENCE:

• Industry certifications such as CISSP, CISM, or CISA
• Leading global projects
• Experience within a manufacturing company and with OT systems
• Experience working with and managing outsourced security service providers

KNOWLEDGE, SKILLS & ABILITIES:

• Risk management concepts
• The ability to synthesize high level objectives with an ambiguous environment to align on a direction with clear objectives and goals
• Knowledge of security frameworks such as ISO 27001 and NIST CSF
• Working knowledge of global security requirements and regulations such as SOX, GDPR, CCPA, and HIPAA
• Strong overall IT and OT knowledge in multiple domains to understand technical risks: networking, servers, cloud infrastructure
• Experience with security operations technologies such as endpoint detection and response tools, security information and event management tools, and firewall technologies
• The ability to build trust, connections, and influence stakeholders
• Competence in project management theory, knowledge, skills, tools and techniques
• Curiosity about new technologies
• Effective verbal and written communication skills with engaging presentation abilities
• The ability to build trust, connections, collaborate, and influence stakeholders
• Operates effectively in a matrix environment
• Thinks and acts on a global scale
• Proactive leader and worker with continuous learning and growth mindset
• Ability to challenge the status quo and continuously striving for excellence
• Demonstrated experience working with maintaining security integrity for the corporation, employees, and shareholders
• Demonstrated extraordinary business and interpersonal judgment
• The ability to execute and deliver results
• Proven agility and organizational skills to handle multiple priorities
• Strong business acumen
• Ability to travel, domestically and internationally, approximately 20%

Knowing Our Businesses and their Strategies

• Build relationships within the GIS organization, cross-functionally, and with key stakeholders; ensure effective contact to remain aligned with functional objectives.
• Understand the strategic direction of the company’s businesses; develop and execute functional strategies to support and enhance business results and be knowledgeable of the project work that supports this direction and implications to the business.
• Know what best-in-class GIS organizations do and obtain outside-in market insights to understand and then apply to positively impact Owens Corning
• Consult on IT and business projects to ensure security risks are identified, prioritized, and managed appropriatel

PURPOSE OF THE JOB

The Security Architect is a critical member of the Owens Corning Information Security team. This team has global responsibility for ensuring the appropriate security processes, policies, and technologies are in place to support Owens Corning’s business goals and objectives.
Aligned with OC’s enterprise growth initiatives and strategies, the Security Architect is a key role in driving Owens Corning’s security strategy and securely enabling the business to take advantage of new technologies. Primary responsibilities of this role are to provide consultative guidance on new technology initiatives and projects, develop actionable recommendations, define security requirements and recommendations, evaluate risks and develop mitigations, and deliver security tools and processes to enable the business.
A successful candidate will have core foundational knowledge in identity and access management as well as a broad IT technology background to manage security concerns with IT infrastructure, cloud, and applications. The ideal candidate will demonstrate the ability to connect and build trust with stakeholders, deliver on commitments, and drive results drives for results.
Reports to: Director, GIS - Security Operations and Architecture
Span of Control: Individual contributor; indirect leadership of partners and project teams

JOB RESPONSIBILITIES

Knowing Our Businesses and their Strategies

• Build relationships within the GIS organization, cross-functionally, and with key stakeholders; ensure effective contact to remain aligned with functional objectives.
• Understand the strategic direction of the company’s businesses; develop and execute functional strategies to support and enhance business results and be knowledgeable of the project work that supports this direction and implications to the business.
• Know what best-in-class GIS organizations do and obtain outside-in market insights to understand and then apply to positively impact Owens Corning
• Consult on IT and business projects to ensure security risks are identified, prioritized, and managed appropriately

Developing and Executing a Strategy

• Design and Implementation: Develop, implement, and maintain security architectures for both traditional IT and cloud environments.
• Security Strategy: Create and update security strategies and frameworks to address evolving threats, including cloud-specific risks and hybrid deployments.
• Risk Assessment: Conduct project-based vulnerability assessments, penetration testing, and risk analysis across on-premises and cloud systems, and recommend mitigation strategies.
• Cloud Security: Implement cloud security controls, such as identity and access management, encryption, network segmentation, and monitoring.
• Data Security: Define security requirements and controls to protect company data and intellectual property from unauthorized exposure.
• Standards and Compliance: Develop and enforce security standards and procedures to ensure compliance with regulatory requirements and industry best practices.
• Stakeholder Collaboration: Advise stakeholders on security requirements for new initiatives, review proposed changes, and recommend secure solutions for business objectives.
• Security Reviews: Evaluate third-party software, services, and integrations for security risks, especially in cloud-based solutions.
• Incident Response: Support incident management and post-incident analysis, including root cause determination and recovery planning.
• Continuous Improvement: Stay current with emerging technologies and threats and drive ongoing improvements in security architecture and awareness programs.
• Documentation: Maintain thorough documentation of security architectures, processes, and controls for both on-premises and cloud systems.

Lead and Influence in the Function

• Inspires teamwork across GIS functions and regions to maximize the performance of Owens Corning and the development of people.
• Is regarded by the employees of Owens Corning as a role model for their growth, development, and conduct.
• Provides thought leadership, sets vision, and communicates strategy for the development of people.

Developing Talent

• Invest in personal growth and development, clearly focused on self-learning
• Develop depth of key skills within direct team to meet business needs.
• Mentor high potential talent within Owens Corning