Cyber Security Domain Architect with Platform Security Competences
Posted on May 25, 2021 by Base 3
- Design architecture principles, tools, patterns and develop architecture policies, standards and solutions within her/his assigned domain.
- Define and advise on the design, implementation and processes necessary to protect information system assets.
- Provide guidance and be a facilitator to ensure that standard security best practices are applied consistently and in a meaningful way on projects.
- Share experience and vision to build security awareness with business stakeholders, business/application/solution architecture, IT and operational teams. Become the go-to person for given security domain.
- Collect feedback from stakeholders, detect unaddressed security needs and identify opportunities.
- Translate business requirements, risk assessments, high-level policies and controls towards security architecture requirements and designs for existing or new security services and projects on business and IT side.
- Participate in discussions regarding the high level IT and operational process design and implementation of security in projects
- Recommend and advise on new or improved security services towards senior CISO management.
- Produce documented security services, technical standards or principles.
- Act as a security subject matter expert within your domain.
- Additional knowledge on other domains will be used to assist other Cyber Security Domain Architects covering other security domains (for example Mainframe, data, PKI and cryptography, network security, cloud security, IAM, application security, devsecops etc.)
- Your stakeholders are mainly business owners/analysts, project leaders, enterprise architecture, risk management, internal/external auditors and IT engineers, developers and solution designers
- Proven experience in security design and architecture, security risk assessments, development of functional security requirements, process design and management reporting.
- Familiarity with industry cyber security best practices in key security activities like risk assessments, identity and access management, cloud, network and application security
- Knowledge of and experience with security technologies - processes including operating systems (Microsoft, Linux, containers), DB, webapplication security, hardening/compliance monitoring, CIS Benchmarks
- Knowledge of and experience with Virtualisation, Software Defined Networks, Cloud (X)AAS, Network and DMZ infrastructure, VOIP, Wifi, 802.1x, Anti-malware, System protection, Middleware, Collaboration and end-user workspace solutions, Storage (SAN, NAS), Databases, .
- years cyber security professional experience with at least 5 years cyber security domain or enterprise architecture experience
- Ability to articulate a mid/long term vision for the evolution of security technologies and services
- Exposure of working in multiple companies/cross industries. Worked in financial or highly regulated industries.
- Professional certifications such as TOGAF, SABSA or IAF architecture frameworks. CISSP, GIAC, ISO 27001 LA/LI or specific security product certifications are an asset
- Experience translating business requirements into technical solutions
- Good working knowledge of documentation and presentation applications including PowerPoint, Visio, Excel, and Word
- University degree in Computer Science, Engineering or similar degree.
- Fluent English