Security Architect - 220-day initial +3x 1-years - Strasbourg - EU-age
Posted on May 11, 2020 by infom consulting GmbH
We are looking for one "Security Architect " in STRASBOURG to start from ASAP a 220-day contract for an international Org' client in Strasbourg.
The start might be off-site because of Corona, but then the position will be on-site, when possible, which is foreseen from June/July. This is a real longterm contract with possibility of extension based on performance and budget availability (initial 220 day contract from May, where additional 3x220 = 660 days extensions are foreseen).
Our client is an international organisation and a great reference in any CV! English speaking environment. A Security clearance (SC - EU SECRET) will be required for this position, if you don't have a valid SC, we will guide you.
- Security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, system security appliances, and host-based security systems
- Plan, coordinate, and perform programming for all security systems and other IT integrated components to meet eu-AGENCY-CLIENT and system operational needs
- Review of design physical security systems installed as to meet eu-AGENCY-CLIENT needs according to best industry practice and Agency guidelines
- Perform internal and external technical control and vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls, and recommend remedial action.
- Determine material quantities in the amounts needed to complete projects as per the first Agency planning for the current Building Project
- Develop and create systems documentation, including full review and correction of systems drawings, systems installation drawings, and other systems documentation
- Ensure that physical security systems are being installed, programmed, tested, and commissioned according to Agency needs and best practice standards
- Ensure that physical security systems are being properly maintained, reprogrammed, retested, and repaired according to Agency needs and best practice standards
- Performing technical and security audits as to ensure optimal security systems' performance
- Security monitoring and log analysis
- Review of design of the GTC/Facility system connections to the Hypervision system as to allow effective monitoring of the well-being of the Data center and all related equipment in order meet the business continuity needs and the best standards
- Design and implement technical security mechanisms and technologies
- Design and develop technical security standards and procedures.
- Attend dedicated and administrator trainings as to master the security systems. Such would require the CCTV System training/Access System Training/Hypervision System training/Fire detection and extinguishing system and all related trainings (Facility system included) as to perform the works required
- Develop and perform effective security systems training sessions for relevant staff, notably the Physical Security Coordinators and the Guarding Force.
- Performing any other activity related to the security and management of the IT corporate infrastructure or other systems under eu-AGENCY-CLIENT's responsibility.
- Minimum 4 years of relevant education (master or equivalent) after the secondary school
- Minimum experience requirements:
- Minimum 6 years of relevant professional experience in IT security
- Minimum 4 years of professional experience in security architecture
- Expected to possess advanced knowledge of/in: Core domains of IT Infrastructure such as Data Networks, Server and Desktop hardware and Operating Systems, Messaging, Collaboration, Storage and Backups, and related monitoring and management systems.
- Security-specific architecture methodology, eg SABSA
- Security architecture models, security strategy development, and compliance management.
- Mobile Architecture, Network and Application Security and/or Data protection
- Secure development processes.
- Application Security Vulnerabilities such as OWASP Top 10, CWE/SANS Top 25 and remediation approaches
- Cybersecurity control good practice such as the SANS Top 20 Critical Controls.
- IT audit/assessment frameworks: ISO-standards; NIST, CobiT and Industry standard application development methodologies
- Enterprise authentication authorization and identity management schemes (Active Directory, LDAP, etc.)
- Technical security controls such as Firewalls, IDS/IPS, Vulnerability Management, web application Firewalls, security gateways, WiFi, Mobile security, DLP, public key infrastructure, Encryption and Authentication techniques,
- Relational Databases, Middleware Applications, Collaboration and Document management solutions.
- Network and web related protocols (TCP/IP, UDP, IPSEC, HTTP, HTTPS, SMTP, SNMP, ICAP, etc.) Expected to possess one or more of the following qualifications:
- Certified Information Systems Security Professional with Information Systems Security Architecture Professional concentration (CISSP-ISSAP)
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)
- TOGAF certification
- Other similar credentials
- Excellent written and verbal communication skills in English essential.
- The applicants attention is drawn to the important role that the curriculum vitae plays in the evaluation. Curriculum vitae shall illustrate the specific skills relevant to this request.
- We would like to receive CVs of suitable candidates together with pricing quotations, based on a daily net rate including travel costs for the services described.
This position requires "security clearance level: EU Secret". If the candidate doesn't have a Security Clearance (SC) yet, then he/she can start working, when presenting:
- A criminal record (from his/her home country), plus ID-card copy, and
- A prove that he/she has already started the proceed to obtain the SC.
Our company is holding a FSC Facility Security Clearance, so we are able to guide you through the PSC Personal Security Clearance process.
infom consulting is an owner-managed business and consulting firm in Germany. The company supports large corporations and larger SMEs across Europe. Our IT experts are realising projects for the European Institutions, United Nations agencies, International Organisations and multinational companies across the EU.