For a client of Tergos in Zuid-Holland I am looking for an experienced Security Architect.
- Start date: ASAP
- Hours per week: 40
- Duration of the assignment: 3 months
What will you do?
As a Security Architect you will:
- Design and coordinate cohesive responses to security events that involve multiple teams across the organization;
- Incorporate solution architecture, security and compliance requirements into detailed security design across infrastructure and application components;
- Recognize, adopt, influence, and instill security best practices throughout the organization;
- Conduct sophisticated security reviews - from high-level infrastructure architecture to application-level parameters to code-level reviews in order to meet security goals;
- Provide subject matter expertise on architecture and security-related issues;
- Implement security specific technology solutions across all layers of the deployed ICT Security infrastructure, operating systems and applications, network and telecommunication devices, including 3rd party services, middle ware and applications;
- Provide support in ICT Security incidents resolution at the infrastructure operational level, and proactively detect anomalies or patterns that may result into problems for the ICT Security, availability, stability, performance or capacity of the system;
- Advise and consult with internal customers on risk assessment, threat modelling, and vulnerability remediation;
- Provide subject matter expertise on architecture and security-related issues.
About the organization
The overall cyber security architecture function provides the necessary service to design, document, deploy, maintain and monitor security solutions and infrastructures, including security controls, that are required to efficiently prevent, detect and respond to security incidents and cyber-attacks as well as implementing security policy requirements.
In particular, it aims on utilising standardised and reusable architectural and design patterns (technical security architecture) that fully support the business and functional requirements whilst promoting an efficient segmentation of the infrastructure components to facilitate the identification, containment, eradication and recovery from a compromise.
Security Architect profile:
- Working knowledge of English (b2 or higher);
- 3 years of formal higher education at least equivalent to a level of bachelor's degree in the fields of Computer Science, Information Systems, Engineering;
- At least 7 years of relevant professional work experience as an ICT Security Architect, around the following indicative activities/domains: Network security engineering, System security, engineering, Network security administration, System security administration, Security testing (functional and non-functional), Cryptography;
- A minimum of 5 years experience in info/cyber security architecture roles;
- Professional experience on at least 2 large projects with responsibilities around the expected tasks and services (see Section 1.5 of the RfO);
- Knowledge in: Networking (TCP/IP, SNMP, DNS, Syslog-ng, etc.), Defense-in-depth Security, Architecture, Enterprise Security Architectures;
- Knowledge of general security concepts and methods such as vulnerability assessments, privacy assessments, intrusion detection, incident response, security policy creation, enterprise security strategies, architectures and governance and Understanding of networking (TCP/IP, OSI model), operating system fundamentals (Windows, Linux), security technologies (firewalls, IDS/IPS, etc.) and application programming/scripting languages (C, Java, Shell).
Desirably, you have:
- Knowledge of secure software development processes, such as SAMM, BSIMM, ISO27034
- Strong technical security knowledge in assessment, design, implementation, architecture, and program / project delivery and work across various delivery models, (Waterfall, Agile, DevOps)
Your daily tasks
In your daily work, you will:
- Evaluate security solutions through Proof of Concepts or any other methods and means;
- Contribute to the definition of security architectural blueprints;
- Integrate new solutions with existing frameworks based on security architectural blueprints;
- Transition solutions to teams in charge of daily operations;
- Balance technological opportunities with business processes requirements;
- Maintain a holistic view of the organisation’s strategy, processes, information and ICT assets;
- Link the business mission, strategy and processes to the ICT and Cyber Security strategies;
- Lead development and integration of components;
- Lead and/or conduct system integration activities from a security perspective;
- Design, integrate and implement complex Cyber Security solutions from a technical perspective;
- Security events collection architecture design;
- Align Cyber Security strategy and planning with the organisation’s business goals;
- Streamline business processes, functions, procedures and workflows and apply a consistent implementation approach;
- Manage stakeholder engagement in the development of new processes and systems and verifies feasibility;
- Conduct post-implementation reviews to evaluate benefits accrued from new processes and systems;
- Recommend resolutions and improvements;
- Ensure that technical solutions, procedures and models for development are up-to-date and comply with security baselines and standards.