PEOPLE FOCUSED.
PERFORMANCE DRIVEN.

Search Our Jobs

Principal Architect - Information Security (DevSecOps)

Date: Jul 27, 2019

Location: Oklahoma City, OK, US, 73118

Our core values — integrity and trust, respect, transparency and open communication, commercial focus and change leadership — are the lens through which we evaluate every business decision. As a dynamic, growing company that offers extremely competitive compensation and benefits, our employees are our most valued assets and the foundation of Chesapeake’s performance among our E&P competitors.

Job Summary

This senior-level position is a member of the Security Architecture team.  Direct and performs all procedures required to ensure the safety of information systems assets, with a focus DevSecOps, Security Engineering with an emphasis on Security Application Development, and to protect systems from intentional or inadvertent access or destruction.  The successful candidate will play a leadership role in DevSecOps and Secure Application development.

Job Duties & Responsibilities

  • Oversees and conducts digital-related investigations at the request of corporate and field level business units.
  • Provides on the job leadership and training to more junior engineers.
  • Coordinates implementation of security designs, standards, and requirements with the Digital Enterprise Architecture team.  Provides leadership with the IT functional Security Champions in the form of security designs, requirements, and threat modeling.
  • Establishes digital security and emergency measures for policies, standards, and procedures.  Reports status, issues, and timelines to management and project teams as required.
  • Ensures that digital and information technology issues and administration is compliant with corporate polices and regulatory requirements.
  • Leads project teams composed of multi-disciplined personnel.
  • Directs modification of data and design of access to safeguard information and assets.
  • Performs other duties as assigned.

Job Specific Skills

  • Able to effectively manage time and prioritize projects in order to meet established deadlines.
  • Excellent verbal, written, and interpersonal communication skills.
  • Able to work effectively with all levels of co-workers, clients, and other external contacts.
  • Able to effectively abide by company policies, procedures, and technologies.
  • Able to function independently in a multi-task environment, as well as part of a team.
  • Able to handle sensitive and confidential information appropriately.
  • Ability to preserve confidentiality and work with sensitive and/or restricted data.
  • Expert knowledge of and understanding of Digital and Information Technology industry trends and emerging technologies in Information Security with a focus on enterprise cloud environments and relate them to the company and its objectives.
  • Expect high degree of competency in these CHK competencies: Integrity & Trust, Customer Focus, Driver for Results, and Peer Relationships.
  • Design and supervise the integration of application security validation and control technology into software development, build, test and release platforms
  • Apply and interpret application security objectives in context of designated platforms
  • Identify, champion, and supervise the implementation of defensive controls, methods and processes within custom developed applications
  • Subject matter expertise in application security of one or more major enterprise application platforms, incl. but not limited to C# .Net, Mobile (iOS and / or Android), Modern frameworks such as Angular JS and React Native
  • Advanced coding ability for the following (PowerShell, Python, C# .Net)
  • Container technologies such as Docker and Kubernetes
  • Cloud-native technologies such as Power Apps
  • Cloud service providers such as AWS and Azure, including IaaS and PaaS
  • Experience with DevSecOps/CICD processes such as Agile, Scrum and Kanban, and technologies, such as Git, Jenkins, JIRA, Maven, Chef, Puppet, Ansible, Azure DevOps, and Artifactory
  • Knowledge of at least three application security testing methodologies and approaches, including formal methods, system level security, SAST / DAST, threat modeling, ethical hacking and Red teaming

Education

Minimum: Bachelor’s degree - from accredited university

Preferred: Bachelor’s degree - from accredited university - IT, MIS, Computer Science or related field

Experience

Minimum: 8 - 12 years related work experience

Additional Qualifications

  • Technical writing skills
  • Web application development
  • AD Security (GPO configurations)
  • Cloud Security (AWS and/or Azure)
  • ServiceNow SecOps experience
  • NIST Cybersecurity framework experience
  • CISSP certification

 

Chesapeake Energy takes necessary action to ensure that all applicants are treated without regard to their race, color, religion, sex, sexual orientation, age, gender identity, national origin, genetic information, disability, pregnancy, military or veteran status or any other protected characteristic as established by law.

 

Chesapeake Energy Corporation's (NYSE:CHK) operations are focused on discovering and developing its large and geographically diverse resource base of unconventional oil and natural gas assets onshore in the United States.


Nearest Major Market: Oklahoma City
Nearest Secondary Market: Oklahoma

Job Segment: Information Security, Architecture, Engineer, Law, Information Systems, Technology, Engineering, Legal