Description
My client are looking for a contractor to work until the end of the year.
The role is for a Security Architect:
Requirements:
- Minimum 5 years of experience in information and cyber security architecture.
- Managed architectural work across the full life cycle from inception through to implementation.
- Applied and integrated a broad variety of security technologies, producing layered, defence-in-depth security architectures.
- Reconcile multiple stakeholder viewpoints, using architectural patterns and trade-off scenarios.
- Applied Infosec industry standards/best practice frameworks (eg, SANS 20) in large organisations.
- Maintained a holistic perspective on the security capabilities needed to support or deliver the enterprise's strategic goals and objectives. These capabilities cover a broad variety of security domains: IAM, EPP, application security, etc.
- Acquired skills in general project management, system development life cycle and architecture documentation.
- Applied regulatory and legal requirements related to information Security and Data protection.
- Applied risk management methods and techniques in large risk environments.
Credentials:
At least one of CISSP, CISM, GIAC, SABSA or similar Information Security certifications.
Soft Skills:
Requirements:
- Proven team player with excellent communication, presentation and negotiations skills, and the ability to interface will all levels of the enterprise.
- Excellent analytical, conceptual, and problem-solving abilities.
- Ability to conduct research into emerging technologies and trends, standards and products as required. Learns fast.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Proven leadership skills combined with a strong drive and orientation for results, ability to motivate self and others, and lead others towards a common goal.
- High integrity, work ethics and commitment.
- Strong decision making skills.
- Excellent influencing and facilitation skills, particularly in problem solving/troubleshooting activities.
Professional Skills:
The candidate identifies, classifies and specifies architectural building blocks (ABB) for the purpose of guiding implementation and change activities in alignment with the strategic security goals.
Requirements:
- The candidate has used multiple Enterprise Architecture methods:
- Architecture Development Methods (method processes & content frameworks), such as:
- TOGAF9 Architecture Development Method
- SABSA
- MASS Method (see associated IBM redbooks)
- RUP/OpenUP
- Attribute-Driven Design Method
- Architecture Trade-off Analysis Method
- Architecture Description Languages:
- Archimate 2
- BPMN 2
- UML 2
- Architectural requirements definition and management:
- Process modelling incl. state & event modelling, use case modelling, domain modelling, service modelling
- Risk management methods:
- ISF IRAMv2
- FAIR
- OCTAVE
- Security tactics & design patterns: Tactics & patterns for confidentiality, integrity, availability, accountability, non-repudiation
- Architecture domain practices:
- Component modelling (incl. integration, eg, EAI, SOMA)
- Datamodelling
- Operational modelling (deployment views)
- Infrastructure sizing
- Security domains and standards:
- Cryptography (incl. Key Life Cycle Management)
- Public Key Infrastructure
- Identity & Access Management
- Vulnerability and Patch Management
- Security in the Software Development Life Cycle
- Resiliency, Disaster Recovery Planning, Business Continuity Planning
- Application Security
- Database Security
- Web Services Security (OASIS standards)
- Networking technology:
- Routing & switching standards
- VPN (IPSec, MPLS) standards
- IT and security infrastructure standards:
- J2EE & Application Servers: WebSphere, WebLogic, JBOSS
- XML (incl. XSLT, SPML, SOAP, XACML, SAML...)
- ESB implementations
- Directory technologies (LDAP) - Active Directory, Tivoli Directory Services
- AAA: Kerberos, Tivoli Access Manager, WebSEAL, Juniper, Checkpoint...
- Databases: Oracle, SQL, JDBC
- Operating Systems: Windows, Solaris, Linux
- OASIS WS-*
- Telco industry knowledge and experience:
- The candidate must have multiple project experiences defining reference architectures or solutions within the telecommunications or cloud industry.
Languages:
Fluency in English language in addition to your mother language - both verbal and written, with the ability to communicate clearly