Security Architect I

Security Architect I Technology architect for the Security environment. Works with Enterprise and other Information Technology Architects on projects. Acts as internal consultant providing security consulting services to project teams (architectural guidance, critical technical support, etc.). Primary Activities and Responsibilities Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment; provide technical and managerial expertise for the administration of security tools. Regularly engages in various security projects and initiatives involving highly sensitive information. May perform data mining and analysis of highly sensitive data Leads the development of new security processes and procedures. Applies knowledge and experience of security issues and systems to develop process improvements. Provides oversight for detailed systems and security functions, including access control provisioning and de-provisioning through application of established processes and procedures. Assist in the development of security architecture and security policies, principles and standards. Manage production issues and incidents, and participate in problem and change management forums Recommend and coordinate the implementation of technical controls to support and enforce defined security policies. Follow best practices around developing and maintaining secure systems. Provide technical guidance on the deployment, configuration, and best practices of network intrusion detection and prevention sensors and other information security monitoring infrastructure Performs analysis and response to the most complex security relevant events and incidents Assist with the resolution of negative audit findings reported by internal or external auditors. Work with various stakeholders to identify information asset owners to classify data and systems as part of a control framework implementation. Play an advisory role in application development or acquisition projects, to assess security requirements and controls and ensure that security controls are implemented as planned. Miscellaneous activities and responsibilities as assigned by manager. Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining professional networks; participating in professional organizations Minimum Qualifications Bachelors degree from an accredited institution required in Computer Science, Computer Engineering, Software Engineering, Information Systems/Technology or related major field of study. 7 or more years of experience in Information Security with focus specifically on Security Architecture, Security Operations, Cryptography, Network Security or Security Forensics Equivalent Minimum Qualifications High School diploma/GED 10 or more years of experience in Information Security. Preferred Qualifications Master''s degree from an accredited institution required in Security, Computer Science, Computer Engineering, Software Engineering, Information Systems/Technology or related major field of study. 10 or more years of experience in Information Security with focus specifically on Network Security, Security Architecture, Security Operations, Cryptography, or Security Forensics. Past experience in a leadership/senior role in Information Security Management (ISC)² Certified Information Systems Security Professional (CISSP) Other Certifications/Licenses: CompTIA Security+, GIAC Information Security Fundamentals (GISF), (ISC)2 Systems Security Certified Practitioner (SSCP), EC-Council Certified Ethical Hacker (CEH), (ISC)² Certified Information Systems Security Professional (CISSP), (ISACA) Certified Information Security Manager (CISM), (ISACA) Certified Information Systems Auditor (CISA), (ISC)² Certified Cloud Security Professional (CCSP), GIAC Security Essentials (GSEC) Knowledge and Skills Expert knowledge of network infrastructure, including routers, switches, firewalls and associated network protocols and concepts. Working knowledge of software defined networking(SDN) a plus. Experience securing cloud environments(AWS, Azure, GCP). Expert knowledge of Information Security policies and processes; adheres to and improve upon company Information Security policies and procedures; mastery of core technical concepts; developing advanced knowledge of one or more specific Information Security domains; will support and assist in response to security events and escalations; may provide disaster recovery support; responsibilities may extend beyond day-time business hours, including on-call rotation Knowledge of OIDC/SAML, Microsoft Active Directory Services, Mainframe and RACF, LDAP. Technical agility and strong analytical skills. Knowledge of mainstream operating systems (for example, Microsoft Windows, MAC OS, and Linux) and a wide range of security technologies, such as network security appliances, identity and access management systems, automated policy compliance and desktop security tools Knowledge of application technology security testing (white box, black box and code review) Knowledge of developing, documenting and maintaining security policies, processes, procedures and standards Strong written and verbal communication skills Strong analytical skills Interest and willing to mentor junior members Ability to analyze security requirements and relate them to appropriate security controls Job Requirements Hours which include rotating on-call responsibilities which may be outside standard hours Work hours may vary in length and schedule (may include a non-standard work week)CSX, based in Jacksonville, Florida, is a premier transportation company. It provides rail, intermodal and rail-to-truck transload services and solutions to customers across a broad array of markets, including energy, industrial, construction, agricultural, and consumer products. For nearly 200 years, CSX has played a critical role in the nation''s economic expansion and industrial development. Its network connects every major metropolitan area in the eastern United States, where nearly two-thirds of the nation''s population resides. It also links more than 230 short-line railroads and more than 70 ocean, river and lake ports with major population centers and farming towns alike. More information about CSX Corporation and its subsidiaries is available at Like us on Facebook and follow us on Twitter . Closing Statement At CSX, two of our five Guiding Principles are Valuing and Developing Employees as well as Operating Safely. We are committed to offering our team members the most competitive compensation and benefits package available, unlimited opportunities for development and growth throughout an exciting and rewarding career, and the safest work environment possible.CSX is an Equal Opportunity Employer Veterans/Disabled. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Click here to view the EEO is Law poster. Click here to view the OFCCP pay transparency provision information. CSX Transportation and its subsidiaries are not seeking outside assistance or accepting unsolicited resumes from staffing agencies or search firms for employment or contractor opportunities. Any resumes submitted by an outside vendor to any employee at CSX via e-mail, Internet, or directly to hiring managers without a valid written search agreement in place with the Talent Acquisition / HR department will be deemed the sole property of CSX. No placement fee will be paid in the event a candidate is hired as a result of the referral, or through other means.

Created: 2025-11-15