Cyber Security Consultant Last Update: 02-06-2023 - Brussels, België - Harvey Nash
Beschrijving
Looking for a Senior Cyber/Enterprise Security Architect / Consultant who will help our client in this very challenging opportunityWhat you'll do
- Develops and maintains the present and future state architecture models for various security capabilities (e.g., GRC, trust management, identity & access management, certificate life cycle management, secrets management, etc.), translating security requirements into reference architectures and secure design patterns
- Conducts indepth architecture risk assessments, including threat modelling, for various IT and telco infrastructure domains (e.g., telco cloud, APIs, microservices, SDN, confidential computing, etc.)
- Conducts architecture compliance assessments
- Guides delivery teams in the selection and implementation of security controls
- Occasionally serves as a solution architect for the design of an enterprise security service
- Authors security strategies, policies, standards, and procedures
- Develops long term visions and roadmaps and presents these to senior management
- Identifies business opportunities enabled by information security
- Occasionally develops business proposals, ensuring quality estimates, and harvesting and leveraging reusable assets
- Develops working relationships with tribes leads and suppliers, ensuring overall strategic and architectural alignment
- Applies industry standards as issued by various standards development organizations
- Minimum 5 years of experience in information / cyber security architecture
- At least one of CISSP, CISM, GIAC, SABSA, TOGAF or similar Infosec or architecture practice certifications
- Managed architectural work across the full lifecycle from inception through to implementation
- Applied and integrated a broad variety of security technologies, producing layered, defenceindepth security architectures
- Reconciles multiple stakeholder viewpoints, using architectural patterns and tradeoff scenarios
- Applied Infosec industry standards / best practice frameworks (e.g., SANS 20) in large organisations
- Acquired skills in general project management, systems development life cycle and architecture documentation
- Applied regulatory and legal requirements related to information Security and Data protection
- Applied risk management methods and techniques in large risk environments
- Proven team player with excellent communication, presentation and negotiations skills, and the ability to interface will all levels of the enterprise
- Excellent analytical, conceptual, and problemsolving abilities
- Ability to conduct research into emerging technologies and trends, standards and products as required. Learns fast
- Ability to effectively prioritize and execute tasks in a highpressure environment
- Proven leadership skills combined with a strong drive and orientation for results, ability to motivate self and others, and lead others towards a common goal
- High integrity, work ethics and commitment, Strong decisionmaking skills, Excellent influencing and facilitation skills, particularly in problem solving / troubleshooting activities.
- TOGAF9 Architecture Development Method
- SABSA
- RUP / OpenUP
- Attribute-Driven Design Method
- Architecture Tradeoff Analysis Method
- Architecture Description Languages:
- Archimate
- BPMN
- UML
- Architectural requirements definition and management:
- Process modelling incl. state & event modelling, use case modelling, domain modelling, service modelling
- Risk management methods:
- ISF IRAMv
- FAIR
- OCTAVE
- Security tactics & design patterns: Tactics & patterns for confidentiality, integrity, availability, accountability, nonrepudiation
- Architecture domain practices:
- Component modelling (incl. integration, e.g., EAI, SOMA)
- Data modelling
- Operational modelling (deployment views)
- Infrastructure sizing
- Security domains and standards:
- Cloud (Azure)
- Cryptography (incl. Key Life Cycle Management)
- Public Key Infrastructure
- Identity & Access Management
- Vulnerability and Patch Management
- Security in the Software Development Life Cycle
- Resiliency, Disaster Recovery Planning, Business Continuity Planning
- Application Security
- Database Security
- Web Services Security (OASIS standards)
- Networking technology:
- Routing & switching standards
- VPN (IPSec, MPLS) standards
- Software Defined Networking
- Etc.
- IT and security infrastructure standards:
- Cloud native projects
- Application Servers: WebSphere, WebLogic, JBOSS
- Encoding schemes
- Service oriented architectures
- Directory technologies
- AAA
- Databases: Oracle, SQL, JDBC
- Telco industry knowledge and experience:
- Languages : English, French / Dutch is certainly a plus
Meer banen van Harvey Nash
-
Java Developer Ddd
Diegem, België - 2 weken geleden
-
Business Analyst
Brussels, België - 3 weken geleden
-
Senior Business Analyst
Brussels, België - 3 weken geleden
-
Client Advisor
Ixelles, België - 2 weken geleden
-
Project Scheduler
Brussels, België - 4 weken geleden
-
Java Developer
La Hulpe, België - 2 weken geleden