Long Island City, New York, US
Text size
aA+ aA-
Click here to print

Director, Security Architecture - Global Information Security

Country : USA USA

State : New York

County : Queens County

Town : New York

Category : Logistics

Contract type : Permanent

Availability : Full time

Job description

Position Summary The ECR Engineering Architect, Director is responsible for security oversight, architecting, and engineering of Estee Lauder's environment. This will encompass supporting security assessments of infrastructure and applications, and defining security standards, developing and implementing security controls using Agile techniques. This position will directly contribute to the overall ELC's Global digital stance. This role will also provide security solutions around Applications, Infrastructure, Platform, and Cloud Services (IaaS/PaaS/SaaS). Must have an excellent track record and proven ability to produce effective, innovative solutions on an enterprise scale. Must continually evaluate the evolving cybersecurity industry to maintain currency and understanding of the latest innovations. Key Roles & Responsibilities - Designs security reference architectures and associated security principles to support business projects, including necessary integration points across ECR, - Supports assessments of critical security controls for the company's cloud-based business applications and remediate security gaps conducted by the Senior Technical Director of Application Security. - Builds template plans to assist with application migrations into different cloud deployment models. - Evaluates designs and implements new cloud technology and processes to mature security controls. - Designs and develop security architectures for the public (Azure, AWS, GCP, Alibaba) and hybrid clouds - Ensures ELC's Application Security framework. - Works with ELC's Engineering, Infrastructure Services, and Application Development organizations to choose appropriate technology solutions and facilitates complete integration into the application environments - Validates efficacy of configurations in support of Cybersecurity Threat Management Center (CTMC) monitoring of security on systems deployed in the cloud - Participates in the review of design principles and controls relating to third party solution providers. - Maintain currency of new and emerging security threats, security frameworks, and regulations - Facilitates deployment orchestration and automation with a focus on security.


Extensive experience in architecting and engineering complex security solutions utilizing and interpreting models to implement company policies, standards globally. Conversant in cybersecurity, assurance, and audit standards/models/frameworks such as ISO27001, NIST, COBIT, DRII CBK, Six Sigma, ITIL, PCI, SOX, FDA, HIPAA, PII, etc. Broad technical security skills in multiple technology areas such as applications deployments, endpoints, data, infrastructure, cloud, DNS, PKI, Email, OS (Windows, MAC, *NIX), SDN, encryption, forensics, authentication, firewalls, proxies, identity and access control, BC/DR, remote access, and cryptography. Demonstrated experience with utilizing and migrating to one or more cloud technologies such as Microsoft Azure, and AWS. Knowledge of Google Cloud Platform, Alibaba Cloud, and Microsoft Office 365 is a plus. Ability to engage and articulate with Executive Management, Legal, Risk, 3rd-party, and IT teams. Self-motivated with a strong ability to work and maintain currency in a changing landscape. Ability to develop and document methods, standards, and guidelines. Excellent oral and written communication skills. Undergraduate-level in Computer Science/Cybersecurity or equivalent professional experience CISSP and/or CISM 10+ years' of experience
Click here to print

Website reserved for fashion, luxury and beauty industry professionals.