IT Cyber Security Engineer
The IT Cyber Security & Assurance (CS&A) Security Engineer provides expertise on information systems security, purpose, plan and implementation and maintenance of security defenses that provide the best protection and value for the organization.
Assists with the creation of security architecture and implementation artifacts that fully integrate with Business, information technology initiatives and objectives.
A P3 level engineer is responsible for developing, articulating, and implementing knowledge in a holistic manner, across multiple mission-
critical categories and domains of Cyber Security. Some limited examples of engineering solution expertise include; but not limited to :
S / he must have cross-domain expertise in at least three of the core categories listed above. The skillset and ability to collaborate with domain experts to ensure cohesive, end-
to- end security program maturity is paramount.
This P3 level engineer is expected to partner with senior team members to, negotiate, and influence non-technical bodies (i.
e. legal, compliance, finance, etc.) in order to gain approval to build and deploy proper solutions to safeguard KC’s people, data, and systems.
The P3 engineer will be responsible for assisting in the lead of multiple architecture and delivery of projects representing strategy-
shift and investments greater than $500,000 per initiative / strategy.
This role is viewed as an expert in complex security environments, encompassing both business process understanding and technical expertise.
The P3 engineer directly interfaces with senior engineers and at times may be asked to interface with leadership and business units to communicate capabilities in business and non-
technical terms. S / he will develop solutions and strategy for CS&A to deliver the business’s desired results. The Engineer assists in developing of innovative technical solutions to, important, highly complex strategic operational goals.
Is knowledgeable in industry best practices in their area of expertise and uses resources outside of KC to deliver solutions.
ESSENTIAL FUNCTIONS :
Has a broad depth and global impact / focus across the enterprise; including multiple functional and technical areas with wide range of complexity.
Ensures architectural principles are applied to reduce risk and drives adoption and adherence to policy, standards and guidelines.
Design and implement security technologies such as (1) cryptographic technologies used for non-repudiation and authorization, (2) access management technologies to protect access to Kimberly-
Clark resources and (3) multi-tier cloud and on premise architecture to support high- availability / fault tolerance
Work with Senior Engineers to effectively architect, design and translate objectives into tactical plans
Assist with the development of strategy and execution plans for the digital landscape to enable Kimberly-Clark security to move from reactive to proactive / adaptive
Contributes to the evaluation and selection of security software product standards
Consults and shares knowledge across org; awareness of industry trends
Operates as a focus for IT security expertise for the organization, providing guidance on the application and operation of specific / respective security controls
MINIMUM REQUIREMENTS :
Education required / preferred :
technical users and leaders
C organization including suppliers, partners and customers.
Skills / Competencies :
Information security : Develops and communicates security policy, standards and guidelines. Contributes to the development of organizational strategies that address security control requirements.
Identifies and monitors environmental and market trends and pro-actively assesses impact on business strategies, benefits and risks.
Assist with the provision of authoritative advice and guidance on the requirements for security controls in collaboration with experts in other functions e.
g. legal, technical support. Ensures architectural principles are applied during design to reduce risk and drives adoption and adherence to policy, standards and guidelines.
Business Risk Management : Manages the implementation of organization-wide processes and procedures, tools and techniques for the identification, assessment, and management of risk inherent in the operation of business processes and of potential risks arising from planned change.
Solution Architecture : Uses appropriate tools, including logical models of components and interfaces, to contribute to the development of systems architectures in specific business or functional areas.
Produces detailed component specifications and translates these into detailed designs for implementation using selected products.
Within a business change program, assists in the preparation of technical plans and cooperates with
business assurance and project staff to ensure that appropriate technical resources are made available. Ensures that relevant technical strategies, policies, standards and practices (including security) are applied correctly.
Build Trust : Possesses strong negotiation and influencing skills and can demonstrate the ability to deal tactfully and constructively with staff at all levels.
Excellent communication skills both written and verbal. Able to communicate highly technical concepts to non-technical people.
ORGANIZATIONAL RELATIONSHIPS / SCOPE :
Role will report to a Senior Manager in the Cybersecurity and Assurance organization. Role will not have any direct reports.
Key Interfaces :
WORKING CONDITIONS : Travel may include approximately 15% of work time.
Travel may include travel via aircrafts and motor vehicles to various locations, if applicable.
DISCLAIMER : The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification.
They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of employees assigned to this position.
Global VISA and Relocation Specifications :