- Drive "Secure by Design" strategy to proactively build-in security practices across infrastructure & application architecture
- Implement proactive Cyber Security best practices by designing security reference architecture for different use cases such as Workload Migration, Digitization Transformation, AWS/Azure Cloud Application Architecture, Data Lake architecture, etc
- Responsible to implement Cloud Security Governance & drive consistent architecture practices across all Cloud platforms such as AWS, Microsoft, Oracle, Salesforce, etc
- In addition to architecture experience, this role requires a strong focus on Software Security, setting the security objectives and securing customer data
- Define the forward-looking technology roadmap for all Cyber Security areas to address emerging threats
- Provide technical consultation, guidance, and assistance to management, business contacts, IT Architecture teams and internal customers to ensure the protection of intellectual property by integrating controls, processes, and procedures into Eurofins s Services and Products
- Provide technical analysis of existing and future security products and services as well as participate in benchmarking exercises to align Cyber Security Services to industry best practices
- Understand the emerging technology trends & act as Thought Leader for Cyber Security architecture & technology areas
- Collaborate with Enterprise Architecture team to advance Cyber Security Architecture priorities
- Responsible for integration of security development practices into DevOps life cycle
- Develop & Implement Cyber Security Competency Development initiatives for architects & developers by conducting proactive skill development trainings
- Participate in the technical evaluation and testing of hardware and software for possible impact on systems security or for risk to intellectual property
- Provide day-to-day leadership for Security Architecture Team ensuring that right processes, people and partnerships are leveraged to drive consistent Security Architecture practices.
- Track security architecture related KPIs and metrics, and assist with reporting on those metrics to senior management
- Contribute to business integrations after acquisitions/mergers to ensure these are commenced in line with security standards
- Liaise within the corporate Enterprise Architecture Office and IT Infrastructure for standardization of best practices, editing of guidelines and design of reusable components.
Technical Skills :
- Demonstrated proficiency with the IT Security Common Body of Knowledge required
- Strong hands-on experience in Cloud services such as AWS/Azure & understanding of Cyber Security core services
- Experience in architecting, deploying and managing security tools e.g.: vulnerability management, identity management, PKI, log management, multifactor authentication, pen testing, automated code analysis, and antimalware
- Experience in solution design principles, practices, system development methodologies, and software life cycles with experience in a combination of system and application architectures.
- Demonstrated experience in maintaining common IT security technologies such as firewall, VPN, PKI, E-business and web technologies, vulnerability & risk assessment, intrusion detection, event correlation, DMZ, Extranet, etc
- Intermediate to advanced knowledge of routing, switching, and bridging in LAN/WAN multinational environments
- Experience in Secure DevOps technologies & processes
- Awareness on OWASP Top 10 is mandatory
- Awareness on PCI/HIPAA/GDPR is desirable but not mandatory
- Abreast of both old and new security vulnerabilities and continually keep up to date on the latest security best practices and technologies.
- Strong knowledge of cryptography as it relates to computer and network security as well as file and email encryption required
- Proficiency in performing architecture reviews and ranking risks
- Strong, demonstrated project management skills
- Strong knowledge of the global data security regulatory environment
- At least one Industry recognized certifications like CISSP,CISM,CCSK, or CCSP is mandatory.
- Ability to research and interpret new rules and regulations
- Solution oriented, can build bridges and negotiate win-wins
- Strong process orientation; ability to bring structure to a broadly-defined problem and/or need
- Proven self-starter; able to take initiative to build organization capability and to deliver committed results
No comments:
Post a Comment