Cyber Security Architect

If you are a GPI employee, please click the Employee Login before applying.

At Graphic Packaging International, we produce the paper cup that held your coffee this morning, the basket that transported those bottles of craft beer you enjoyed last weekend, and the microwave tray that heated your gourmet meal last night. We’re one of the largest manufacturers of paperboard and paper-based packaging for some of the world’s most recognized brands of food, beverage, foodservice, household, personal care and pet products. Headquartered in Atlanta, Georgia, we are collaborative, diverse, innovative individuals who create inspired packaging while giving back to our communities. 

With over 25,000 employees working in more than 130 locations worldwide, we strive to be environmentally responsible in our industry and in the communities where we operate. We are committed to workplace diversity and offer compensation and benefits programs that are among the industry’s best to reward the talented people who make our company successful.

If this sounds like something you would like to be a part of, we’d love to hear from you.

A World of Difference. Made Possible.

Cyber Security Architect – Graphic Packaging International, LLC – Atlanta, GA.

Job Duties: Responsible for maintaining and designing a safe and secure operating environment for Graphic Packaging, co-leading the development of information security strategies, conducting security assessments, and implementing security solutions to assist businesses with the assessment and improvement of Graphic Packaging’s security infrastructure. Conduct architecture oversight of security operations delivery across multi-supplier service lines, across Global IT. Establish system safeguards by directing disaster preparedness development and conducting preparedness tests. Develop security awareness by directing development of orientation and training programs and counseling business units. Advise senior management by identifying critical security issues and recommending risk-reduction solutions. Partner with various internal company departments to provide internal security consulting for various corporate initiatives. Conduct forensic analysis of corporate assets to provide Management, Human Resources, Legal, or others (as approved) with requested information to address business continuance and/or litigation needs. Process security questionnaires submitted by potential company partners or company clients. Manage continuous improvement process of security operations. Act as the single point of accountability across Global IT for security. Provide the policies and processes across Global IT for Information Security. Oversee relationship with Managed Security Service Providers (MSSPs). Responsible for security monitoring metrics and trending for actionable patterns including pushing knowledge base articles to the Global Help Desk to allow remote incident remediation where applicable. Drive process improvement to continually improve service and reduce costs. Collaborate and document with engineering management teams to ensure proper deployment and monitoring of new security technologies and cloud enablement as GPI continues to evolve in that space. Extend current security operations management governance model to a global footprint in partnership with other IT leaders in the organization. Perform root cause analysis, future prevention / risk mitigation on critical security incidents. Establish and maintain an effective security incident response, notification, and escalation process by working closely with other leads on the IT Service Management teams. Engage third level support and vendor system engineers as necessary to participate in problem response and root cause determination of security incidents. Accurately assess business impact & create action plans for remediation of security related events. Work with the compliance team and vendors to ensure SOX evidence for internal & external audit. Ensure regulatory compliance with regional, national, & international data privacy regulations. Be a part of the Strategic Architecture Review Team (S.T.A.R.T) in providing guidance in the area of new technology enablement to ensure technology platform is managed for risk mitigation. Provide guidance to development teams to ensure the appropriate level of secure code scans are performed prior to implementing code into the production environment.

Minimum Requirements: Bachelor’s degree in Computer Science, Computer Information Systems, Information Technology, or a related IT field. Must have 5 years of IT experience as a global IT security organization leader, including demonstrated experience in: information security; information and cyber security assessment; risk analysis, privacy, data protection, and regulatory frameworks; risk and security architecture; cyber incident response leadership; NIST cyber security framework; Expertise in Privilege Management, Single Sign On, Identity Access management, or Cloud and Network Security; information security threats, vulnerability management, countermeasures, and associated operational best practices; multiple project management involving key stakeholders across a complex organization inclusive to Ide; compliance and validation within an effective and secure needs-based desktop solution; continual operational improvement leadership; and a heterogeneous IT environment including multi-vendors. Up to 10% U.S. domestic and international travel is required. Employer will accept a master’s degree in one of the above-listed fields and 3 years of the above-listed experience in lieu of a bachelor’s degree in one of the above-listed fields and 5 years of the above-listed experience.

Must have legal authority to work in the U.S. EEOE.  

How to Apply: Send resumes to Cory Francis, HR Business Partner, Graphic Packaging International, LLC, 1500 Riveredge Pkwy NW, Suite 100, Atlanta, GA 30328, or email to cory.francis@graphicpkg.com. Please reference job title + PB24 in cover letter or email subject line.

Graphic Packaging is an Equal Opportunity Employer. All candidates will be evaluated on the basis of their qualifications for the job in question. We do not base our employment decision on an employee's or applicant's race, color, religion, age, gender or sex (including pregnancy), national origin, ancestry, marital status, sexual orientation, gender identity, genetic identity, genetic information, disability, veteran/military status or any other basis prohibited by local, state, or federal law. Click here to view the Poster, EEO is the Law.

​