IT SECURITY ARCHITECT (NETWORK SECURITY/VULNERABILITY ANALYSIS/OWASP)

Description

IT SECURITY ARCHITECT (NETWORK SECURITY/VULNERABILITY ANALYSIS/OWASP)

The contract is with a large organisation to be on assignment at a European site in Paris . The client is urgently seeking an IT Security Architect as follows.

Tasks and Responsibilities

• Works closely with the Information Security Officer in designing security controls that meet business requirement.
• Performs security assessments and penetration tests, identifies security measures and informs the Project Manager and the system owners of any remaining risks prior to the live operation of the IT system or application.
• Implement projects associated with security improvements (eg Vulnerability analysis tools, Network Design).

Knowledge and skills:

• Experience in one or more of the following fields: application development and database security, OS security, network security, forensic analysis and incident response.
• Strong knowledge of state-of-the-art security techniques and methods such as Internet security tools, IDS, strong authentication, PKI and encryption.
• Prior experience of performing Web application penetration tests, to identify weaknesses in security controls and the business risks associated with these.
• Ability to understand and assess applications from both a technical and business perspective.
• Practical knowledge of the OWASP Testing Guide and/or Code Review Guide.
• Prior experience with one or more of the following products: Splunk, Kali Linux, Tenable Vulnerability Scanner, Citrix Netscaler, Juniper, Web Application Firewalls.
• Strong knowledge of state-of-the-art IT methodologies and tools.
• Prior experience in risk assessment procedures.
• Identifying technical solutions for business requirements.
• Very good analytical skills.
• Ability to work under pressure and to deliver to agreed deadlines.
• Proven ability to generate a range of possible, also innovative, solutions and to assess the implications of these solutions.
• Good interpersonal skills, in particular communication and negotiation skills, and the ability to work in a team and co-ordinate own activities with others.
• Very good command of English with proven drafting ability.

Education and qualifications:

• University or college degree in computer engineering, computer science, physics or mathematics or a related discipline
• One or more of the following technical IS Security certifications: CEH, OSCP, SANS GIAC, OSSTMM, SSCP or CSSLP.
• Professional certification in IS security (CISSP, ISO 27001) would be an advantage