Description
Security Architect: French/Security Frameworks, Gateways, Virtualisation
Our consultancy client is looking for a Security Architect to continuously assess and improve the security of its information systems to be based in either Brussels or Paris .
Key skills:
- Experience with Information Security Frameworks (policies, standards, Internal Control directives, Security Architecture)
- OS and tooling (Windows, UNIX, Linux, VTOM )
- Virtualisation (VMWARE, CITRIX, UNIX Partitioning)
- Storage (SAN, NAS, LUNS, Backup, Archiving)
- DB (Oracle, SQL, MySQL, ODBC/JDBC, DAM, Big Data)
- Fluent in French and English is a must
- Advanced experience with Datacenter logical segmentation. Set up of consistent and coherent multi-tier segmentation (zoning, impact on tooling flows, operability, jump server)
- Hybrid data centre, data flows and security model when data are exchanged between on premise and SaaS/Cloud apps
- Gateways (Proxy, TMG, zcaler, RAS, XML, MQ)
- Network architecture securisation (switchers, Routers, FWs, VPN/VLAN/VRF/MPLS/route leaking)
- Web security (DataPower, WAF, XML, FW, SOAP)
- AD Security
- Applications security experience
- IS Business Risk Assessments
Responsibilities:
- Design and justify the appropriate security measures to mitigate the risks associated with identified threat scenarios in a large variety of projects and technical contexts. Assess the corresponding levels of risk reduction and defend the proposed security measures to reach a risk level accepted by the business.
- Assist the Infrastructure and Application Architects to assure abidance to IS security policies and standards in general, to the Internal Control Programme of the Group (INCOME) and the integration of the retained security measures in particular, in respectively the Functional Application Design and the High-level Infrastructure Design.
- Assist the Infrastructure and Application Architects in determining the necessary security tests, in performing the tests and in writing the test reports
- Present the findings to the stakeholders, in oral and written presentations (French and English)
- Assist the Risk Analyst in the determination of the security sensitivity of the projects, in support of security budgeting and in the determination of the potential business impact in case of security compromise of the project deliverables (service, system, application, data).
- Perform vulnerability and threat assessments. Identify threat scenarios and assess the associated levels of risk in function of potential business impact and likelihood of occurrence.