Job Description

The Sr. Director, Cybersecurity Architecture is the senior leader responsible for enterprise cybersecurity architecture, solution design, and architecture governance across cloud, identity, network, endpoint, application, data, and detection domains. This role is a member of the Enterprise Risk & Resiliency Senior Leadership Team and helps shape organizational priorities, operating direction, and investment decisions across the function.

This role sets standards and reusable patterns, leads architecture reviews for major initiatives, and partners with business and technology teams to deliver secure, scalable, and practical solutions aligned to enterprise risk priorities. It also serves as the people leader for the architecture organization, with clear accountability for team structure, talent development, succession planning, and day-to-day leadership of the function.

Reporting to the CISO, this leader manages and develops a team of security architects and engineers and serves as a trusted advisor on tradeoffs involving risk, cost, performance, resiliency, and user experience. Success in the role requires strong people leadership, cross-functional influence, and active participation in Enterprise Risk & Resiliency leadership discussions, planning, and decision making.

Success in this role requires an authentic people leader with strong leadership presence, cross-functional influence, and budget experience, with the ability to balance team development, hands-on leadership across diverse security and risk functions, and collaboration with senior business leaders. This leader will provide the vision and direction needed to advance the organization’s future-state objectives in alignment with Enterprise Risk and Resiliency goals. The individual will also work closely with peers to understand business and technology priorities and align those drivers with the organization’s broader strategy.

• Lead and develop a diverse team of Cybersecurity professionals in support of a Global Fortune 200 company.
• Own the enterprise cybersecurity architecture framework, standards, reference architectures, and design guardrails.
• Manage across organizations and influence both business and Information Technology professionals.
• Develop, manage, and operate end user security organizations and programs.
• Lead architecture and design reviews for major programs, significant changes, and high-risk initiatives.
• Ensure solution designs align with enterprise strategy, risk appetite, policy requirements, and long-term architecture direction.
• Support the company’s ability to detect, respond and recover from Cyber and Cyber related incidents.

CAPABILITIES

• Security Architecture Strategy, Roadmap, and Future-State Transformation
• Enterprise Cybersecurity Architecture Leadership
• People Leadership and Organizational Development
• Financial Planning, Budget Management, and Investment Prioritization
• Cross-Functional Leadership and Executive Influence
• Security-by-Design, Secure Engineering, and Application Security Architecture
• Cloud Security Architecture (AWS, Azure, OCI)
• Identity, Access, and Zero Trust Architecture
• Security Operations Architecture Alignment
• Security Platform Rationalization and Optimization
• Network and Infrastructure Security Architecture
• Data Protection and Information Security Architecture
• Technology Standards, Reference Architectures, and Architecture Governance
• Cyber Risk Reduction and Security Control Integration
• M&A Security Architecture Integration
• Cyber Risk and Exposure Reduction Strategy
• Emerging Technology and AI Security Risk Management
• Business Aligned Security Architecture and Stakeholder Engagement

This is a remote position.

This position is not eligible for sponsorship for work authorization now or in the future, including conversion to H1-B visa. Must be legally authorized to work in the country of employment without needing sponsorship for employment work visa status now or in the future.

Job duties include contact with other employees and access confidential and proprietary information and/or other items of value, and such access may be supervised or unsupervised. The Company therefore has determined that a review of criminal history is necessary to protect the business and its operations and reputation and is necessary to protect the safety of the Company’s staff, employees, and business relationships.

Must be eighteen years or older

FORMAL EDUCATION

Required:

• Bachelor’s Degree (or foreign equivalent) or in lieu of a degree, at least 12 years in experience in the field of Information Technology, Cybersecurity or Business (work experience or a combination of education and work experience in the field of Information Technology or Business)

Preferred:

• Master’s degree in Computer Science, Cyber Security, Information Technology, Risk Management, or related field; or equivalent experience

• Certified Information Systems Security Professional (CISSP)

• Cybersecurity certification (e.g., CEH, CISA, CISM, CCSP, etc.)

KNOWLEDGE & EXPERIENCE:

Required:

• 12+ years’ experience leading security operations and engineering organization

• 10+ years leading direct reports.

• 7+ years of leading experience in security operations center processes and systems

• Working knowledge of AWS, Azure, Security Operations Technology

• 7+ years of experience in monitoring and vulnerability & threat management technologies as well as threat intelligence services and practices

• Demonstratable experience with security information and event management (SIEM) systems

• Commitment to fostering a culture of inclusion and diversity.

Preferred:

• 10+ years working in the Manufacturing or Consumer Products industry

• 7+ years of experience with incident response

• 3+ years’ experience leading a large team of 25+ direct and indirect reports) preferred.

• Strong understanding of emerging Cyber technologies, and industry best practices around policies and controls

TECHNICAL/SKILL REQUIREMENTS:

Required:

• Experience leveraging Open-Source security tools

• Demonstrated superior analytical skills, applying conceptual models, recognizing patterns while drawing and defending conclusions

• Strong business and financial acumen as well as analytical skills

• Clear and concise verbal and written communication

• Ability to lead through influence, including at executive levels

Preferred:

• Experience automating security tasks via scripting

• Knowledge of Windows Endpoints, Mac Endpoints, Cloud Networking

At Sherwin-Williams, our purpose is to inspire and improve the world by coloring and protecting what matters. Our paints, coatings and innovative solutions make the places and spaces in our world brighter and stronger. Your skills, talent and passion make it possible to live this purpose, and for customers and our business to achieve great results. Sherwin-Williams is a place that takes its stability, growth and momentum and translates it to possibility for our people. Our people are behind the strength of our success, and we invest and support you in:

Life … with rewards, benefits and the flexibility to enhance your health and well-being
Career … with opportunities to learn, develop new skills and grow your contribution
Connection … with an inclusive team and commitment to our own and broader communities
It's all here for you... let's Create Your Possible

At Sherwin-Williams, part of our mission is to help our employees and their families live healthier, save smarter and feel better. This starts with a wide range of world-class benefits designed for you. From retirement to health care, from total well-being to your daily commute—it matters to us. A general description of benefits offered can be found at http://www.myswbenefits.com/ Click on “Candidates” to view benefit offerings that you may be eligible for if you are hired as a Sherwin-Williams employee.

Compensation decisions are dependent on the facts and circumstances of each case and will impact where actual compensation may fall within the stated wage range. The wage range listed for this role takes into account the wide range of factors considered in making compensation decisions including skill sets; experience and training; licensure and certifications; and other business and organizational needs. The disclosed range estimate has not been adjusted for the applicable geographic differential associated with the location at which the position may be filled. The wage range, other compensation, and benefits information listed is accurate as of the date of this posting. The Company reserves the right to modify this information at any time, with or without notice, subject to applicable law.

Qualified applicants with arrest or conviction records will be considered for employment in accordance with applicable federal, state, and local laws including with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act where applicable.

Sherwin-Williams is proud to be an Equal Employment Opportunity employer.  All qualified candidates will receive consideration for employment and will not be discriminated against based on race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, pregnancy, genetic information, creed, marital status or any other consideration prohibited by law or by contract.

As a VEVRAA Federal Contractor, Sherwin-Williams requests state and local employment services delivery systems to provide priority referral of Protected Veterans.

Please be aware, Sherwin-Williams recruiting team members will never request a candidate to provide a payment, ask for financial information, or sensitive personal information like national identification numbers, date of birth, or bank account numbers during the application process.