Job Overview

Develops and evaluates compliance with programs and processes to mitigate cybersecurity risk and ensure protection of company and allied assets and information. Researches and interprets current and pending governmental laws and regulations, industry standards and customer and vendor contracts to communicate compliance requirements. Conducts information security risk assessments, security compliance audits and cybersecurity audits. Establishes IT security audit procedures relevant to SOX, HIPAA, PCI DSS and international data privacy laws. Evaluates and tests the design and operating effectiveness of IT security controls. Maintains compliance of internal IT security controls by meeting internal and external information security requirements. Documents, investigates and reports cybersecurity compliance issues and incidents. Works with business leaders to ensure information security risk findings are reviewed and solutions are implemented.

What your background should look like:

Role Summary
TE Connectivity is seeking a hands-on Enterprise Security Architect & Compliance to own and elevate our cybersecurity posture across security architecture & compliance. This role is accountable for designing and governing enterprise security architecture, driving regulatory and framework alignment, and establishing a risk-based program that measurably reduces exposure across cloud, data, identity, applications, and third parties.
Key Responsibilities
1) Security Architecture, Design & Review (90%)
•    Define target-state security architecture and reference patterns.
•    Consult on architecture design reviews for critical systems within multiple type environments (on-prem, on-cloud and SaaS) 
•    Embed security into SDLC and platform engineering. 
•    Partners with application teams to document and understand requirements.
•    Establish logging/telemetry standards and control verification.
•    Strong requirement is the of technical skills, including a deep understanding of security principles, protocols, and systems (like firewalls, encryption, and SIEM tools), as well as soft skills like strategic thinking, problem-solving, and strong communication. Additional key requirements include experience with cloud security and identity and access management, plus knowledge of relevant compliance frameworks like ISO 27001 and NIST. 

Technical skills
•    Security protocols and systems: Deep knowledge of cryptography, authentication, authorization, and network security principles.
•    Security tools: Hands-on experience with tools such as SIEM, IDS/IPS, DLP, endpoint protection, and vulnerability management systems.
•    Cloud and enterprise architecture: Experience with cloud security (AWS, Azure, Ali, etc), network and system architecture, and enterprise architecture frameworks (like TOGAF).
•    Programming and scripting: Proficiency in scripting and programming languages is often required for automation and integration (e.g., Python, JSON).
•    Operating systems: Strong knowledge of various operating systems like Windows, Linux, and UNIX.
•    Compliance and regulations: Familiarity with industry standards and regulations such as ISO 27001, NIST, GDPR, HIPAA, and PCI DSS. 
•    Analytical and problem-solving: Ability to conduct risk assessments, analyze threats, and develop effective mitigation strategies.
•    Leadership: Ability to lead security improvement projects and manage teams. 

2) Compliance (10%)
•    Own the security control framework and policies; map to relevant regulations (in China and AP), standards, and customer commitments.
•    Lead readiness and continuous compliance programs.
•    Establish measurable control objectives, exceptions, and risk acceptance procedures.
•    Collaborate with GRC and consult on driving data protection governance.
3) Leadership
•    Mentor security engineers and regional service delivery teams.
•    Build a culture of security by design
Qualifications
Must-Have
•    10+ years in IT and cybersecurity with deep experience across multiple fields like security architecture and regional compliance
•    Proven track record within enterprise security architecture and regulatory compliance programs.
•    Hands-on expertise with modern cloud security and DevSecOps toolchains.
•    Strong grasp of ISO 27001, NIST CSF/800-53, and major regulatory regimes.
•    Ability to translate technical risk into business impact.
•    Strong understanding of China cyber security environment.  
•    Ability to multi-task, prioritize, work independently, and strong time management skills
Education
Bachelor’s in computer science, Information Security, Engineering, or equivalent experience. Advanced degree a plus.

Competencies