Cyber Security Consultant Last Update: 02-06-2023 - Brussels, België - Harvey Nash

Harvey Nash
Harvey Nash
Geverifieerd bedrijf
Brussels, België

2 weken geleden

Sophie Dubois

Geplaatst door:

Sophie Dubois

beBee Recruiter
Beschrijving
Looking for a Senior Cyber/Enterprise Security Architect / Consultant who will help our client in this very challenging opportunity

What you'll do

  • Develops and maintains the present and future state architecture models for various security capabilities (e.g., GRC, trust management, identity & access management, certificate life cycle management, secrets management, etc.), translating security requirements into reference architectures and secure design patterns
  • Conducts indepth architecture risk assessments, including threat modelling, for various IT and telco infrastructure domains (e.g., telco cloud, APIs, microservices, SDN, confidential computing, etc.)
  • Conducts architecture compliance assessments
  • Guides delivery teams in the selection and implementation of security controls
  • Occasionally serves as a solution architect for the design of an enterprise security service
  • Authors security strategies, policies, standards, and procedures
  • Develops long term visions and roadmaps and presents these to senior management
  • Identifies business opportunities enabled by information security
  • Occasionally develops business proposals, ensuring quality estimates, and harvesting and leveraging reusable assets
  • Develops working relationships with tribes leads and suppliers, ensuring overall strategic and architectural alignment
  • Applies industry standards as issued by various standards development organizations
Profile

  • Minimum 5 years of experience in information / cyber security architecture
  • At least one of CISSP, CISM, GIAC, SABSA, TOGAF or similar Infosec or architecture practice certifications
  • Managed architectural work across the full lifecycle from inception through to implementation
  • Applied and integrated a broad variety of security technologies, producing layered, defenceindepth security architectures
  • Reconciles multiple stakeholder viewpoints, using architectural patterns and tradeoff scenarios
  • Applied Infosec industry standards / best practice frameworks (e.g., SANS 20) in large organisations
  • Acquired skills in general project management, systems development life cycle and architecture documentation
  • Applied regulatory and legal requirements related to information Security and Data protection
  • Applied risk management methods and techniques in large risk environments
Required skills

  • Proven team player with excellent communication, presentation and negotiations skills, and the ability to interface will all levels of the enterprise
  • Excellent analytical, conceptual, and problemsolving abilities
  • Ability to conduct research into emerging technologies and trends, standards and products as required. Learns fast
  • Ability to effectively prioritize and execute tasks in a highpressure environment
  • Proven leadership skills combined with a strong drive and orientation for results, ability to motivate self and others, and lead others towards a common goal
  • High integrity, work ethics and commitment, Strong decisionmaking skills, Excellent influencing and facilitation skills, particularly in problem solving / troubleshooting activities.
Architecture Development Methods (method processes & content frameworks), such as:

  • TOGAF9 Architecture Development Method
  • SABSA
  • RUP / OpenUP
  • Attribute-Driven Design Method
  • Architecture Tradeoff Analysis Method
  • Architecture Description Languages:
  • Archimate
  • BPMN
  • UML
  • Architectural requirements definition and management:
  • Process modelling incl. state & event modelling, use case modelling, domain modelling, service modelling
  • Risk management methods:
  • ISF IRAMv
  • FAIR
  • OCTAVE
  • Security tactics & design patterns: Tactics & patterns for confidentiality, integrity, availability, accountability, nonrepudiation
  • Architecture domain practices:
  • Component modelling (incl. integration, e.g., EAI, SOMA)
  • Data modelling
  • Operational modelling (deployment views)
  • Infrastructure sizing
  • Security domains and standards:
  • Cloud (Azure)
  • Cryptography (incl. Key Life Cycle Management)
  • Public Key Infrastructure
  • Identity & Access Management
  • Vulnerability and Patch Management
  • Security in the Software Development Life Cycle
  • Resiliency, Disaster Recovery Planning, Business Continuity Planning
  • Application Security
  • Database Security
  • Web Services Security (OASIS standards)
  • Networking technology:
  • Routing & switching standards
  • VPN (IPSec, MPLS) standards
  • Software Defined Networking
  • Etc.
  • IT and security infrastructure standards:
  • Cloud native projects
  • Application Servers: WebSphere, WebLogic, JBOSS
  • Encoding schemes
  • Service oriented architectures
  • Directory technologies
  • AAA
  • Databases: Oracle, SQL, JDBC
  • Telco industry knowledge and experience:
  • Languages : English, French / Dutch is certainly a plus
Meer banen van Harvey Nash
Bekijk alle vacatures van Harvey Nash