Skip Navigation

Cleveland-Cliffs

Some see obstacles.
Others see a challenge.
Search Jobs

Career Opportunity

Lead IT Security Architect

Job ID 680952992 Date posted 08/18/2020
Location : Cleveland, OH
JobCode : 3160
Position Type : Salary

Description :

The Lead IT Security Architect (LSA) provides a high level of technical and subject matter leadership and is a recognized expert within Cliffs Information Security sector.  The LSA works closely with the Manager Security Services and is required to lead the design, evaluation, monitoring, and maintenance of the information security systems at Cleveland-Cliffs Inc.  The position will be required to lead the development of security solution architecture and integration planning, along with the design of functional specifications. 

A key priority for this position will be to ensure that new security solution technologies are evaluated to keep pace with the ever-changing threat landscape.  The position is required to provide recommendations to keep Cliffs security posture aligned with industry standards and best practices, while also ensuring the most value and efficiency is delivered from current assets.

The Lead IT Security Architect will be heavily involved in project related configuration and installation, requiring the position to have the ability to lead functional teams and delegate tasks to ensure work is done efficiently and on time.  This role is a highly visible position that works closely with a variety of team members including executives, managers, network engineers, application administrators, and various mining and steel site personnel.  As such, this role will require a person with exceptional communication, organizational, technical, and people skills. 

The overall goal of this position is to develop, implement, and maintain strategic security solutions in support of corporate business initiatives, while providing a sustainable world class security suite across the enterprise.

Specific Responsibilities/Essential Functions

  • Is the recognized technical and subject matter expert for Cliffs Information Security Systems.
  • Leads the security review process and makes formal recommendations for new and existing technologies.
  • This role will be the subject matter and technical expert responsible for vulnerability management, privileged account management, end point protection, email filtering, threat prevention and detection, incident response, threat intelligence, security vendor management (and working with outside vendors on security assessments and penetration testing), and responding to a centralized security information and event management system (that is externally managed).
  • Identifies and evaluates potential threats and vulnerabilities (either detected internally or publicly announced) that could impact the company’s applications or infrastructure and recommends mitigating controls to reduce the companies risk.
  • Responsible to detect and respond to security events and is the Security Team Incident Response technical lead.
  • Continues to increase the security posture of the company by leveraging the enterprise Security Event and Incident Management tools (SIEM), perimeter email defense, vulnerability management platform, anti-virus, intrusion detection, and password/account management solutions. 
  • Leads the recovery of our security solutions in the annual Disaster Recovery Test.
  • Must have the ability to solve complex problems by analyzing, designing, and implementing cost-effective solutions according to user specifications.
  • A commitment to maintain and enhance their extensive knowledge and understanding of information security, risk management and regulatory compliance topics.  Maintains professional/technical currency of information security knowledge.
  • Lead for the security information and event management process for all monitoring, logging, alerting, auditing and reporting on threats, vulnerabilities and breaches. Working with managed service provider, determine the appropriate thresholds and monitor the environment for anomalous behavior.
  • Drives assessments of the business compliance to information security policy in the areas of manual or automated processes, procedures and access control.
  • Modifies and recommends security systems to accommodate additional service needs or required changes.
  • Leads efforts with internal and external audit to ensure Cliffs security standards and practices meet requirements.
  • Performs additional duties as directed by the Manager Security Services, Director Enterprise Services, and Chief Information Officer.
  • Delegates tasks and provides support for other team members as required.
  • Ability to respond to emergency service calls at any time outside of normally assigned work hours.
  • Willingness to travel up to 10% and be flexible to work various hours to accommodate international business needs.

Education/Experience Requirements

Education:

  • Bachelor’s Degree in Information Systems, Computer Science or an equivalent degree.
  • Certification in one or more of the following areas:
    • CISSP, GSE, GCED, GPPA, GCIA, GRID, GCIP, GDAT, GMON, GDSA, GCIH, GEVA, SCYBER, CNDA
  • Manufacturing industry experience is preferred; mining or steel experience is a plus.

Experience:

  • 10+ years of security experience within a corporate IT environment.
  • Experience with vulnerability management toolsets, hacking toolsets, and security information and event management systems (Qualys, Tenable, and AlienVault highly preferred).  Past experience developing dashboards and reports to measure the company’s security posture.
  • Experience managing and maintaining end point protection and application security platforms (Cylance, SCCM, DefendPoint, and highly preferred).
  • Experience with managing a privileged account management solution (CyberArk highly desired).
  • Previous experience with administering email filtering and threat prevention modules (ProofPoint highly preferred).
  • Experience leading a threat detection and incident response program.
  • High level of security vendor management experience and the ability to work with these vendors on security assessments and penetration testing.
  • Familiarity with the following technologies: Identity Management and authentication platforms, authorization, password and privilege management, access control, next generation firewalls (Palo Alto), virtual private networking, and computer network defense, firewall and router configuration, switches, secure network architecture, PKI, IPSEC, SSL, SSH, SMTP, FTP, WAN, Radius, F5, Sniffer technologies, modern Windows Operating Systems (2012-19/, 7-10), modern Linux based Operating Systems (Red Hat, Oracle Linux), Vulnerability Management platforms (Qualys), Office 365, Active Directory, LDAP. 
  • Expert level ability to diagnose/troubleshoot on various security technologies.
  • Familiarity with securing ISC or SCADA systems a plus.
  • Excellent communication skills with the ability to communicate with and understand the needs of non-technical constituents, both internal and external.
  • Demonstrated experience being a technical lead on projects.
  • Ability to research, prepare, and present cost estimates, budget reports, capacity forecasting, and systems upgrade recommendations.
  • Ability to read and expertly interpret technical documents and procedure manuals.
  • Strong interpersonal skills, oral communication skills, and proven analytical and creative problem-solving abilities.
  • Strong customer service orientation.
  • Experience working in a team-oriented, collaborative environment.
  • The ability to work independently, with little guidance.

Competencies

  • Successful candidate must be detail oriented, well organized, assertive, and be able to manage multiple tasks simultaneously.
  • Excellent written and verbal communication skills
  • Outstanding presentation skill to other team members and to management team.
  • Leadership and strong interpersonal skills; results-driven, team player
  • Creative problem solving and analytical skills,
  • Candidates should be highly motivated and willing to learn new practices as required.
  • Must be able to effectively communicate with customers, peers and management.

Who We Are

Founded in 1847, Cleveland-Cliffs is among the largest vertically integrated producers of differentiated iron ore and steel in North America. With an emphasis on non-commoditized products, the Company is uniquely positioned to supply both customized iron ore pellets and steel solutions to a quality-focused customer base.

AK Steel, a wholly-owned subsidiary of Cleveland-Cliffs, is a leading producer of flat-rolled carbon, stainless and electrical steel products. The AK Tube and Precision Partners businesses provide customer solutions with carbon and stainless steel tubing products, die design and tooling, and hot- and cold-stamped components. In 2020, Cliffs also expects to be the sole producer of hot briquetted iron (HBI) in the Great Lakes region.

Ready to seek your newest professional adventure? Explore our range of opportunities and join us at Cliffs.

Employee in blue coveralls and hard hat

Employment Opportunities

Cleveland-Cliffs offers opportunities for high-performing individuals in a myriad of technical and professional disciplines. Whether in the field or office, Cliffs fosters an environment that empowers our employees to achieve their highest potential. Regardless of the location, employees will be presented with a challenging and rewarding environment. A competitive compensation package, opportunities for advancement and work-life balance all lead to a positive, passionate career at Cleveland-Cliffs.

Join Our Talent Community

Select InterestsSelect a category and/or location from the auto suggestions and click “Add.”

Employee wearing hard hat operating equipment
LinkedIn

Get Job Recommendations

With just 1 click and a connection with LinkedIn, you can receive job listings that best match your previous positions.

Get recommendations