Description
Sander Dirks from Michael Bailey Associates B.V. is looking for an security architect who wants to work in The Hague for a period of 6 month with extension.
I'm looking for an technical security architect with hands-on experience and not a security specialist.
Security Architecture support for technical infrastructure architecture
. Perform architecture risk assessments both for in-house developed solutions, custom of the shelf products and outsourced solutions.
. Assist in the design of the future security perimeter architecture including Firewall, IDPS, malware protection, denial of service attack prevention
. Document security controls through the Troux enterprise architecture management suite
. Document security standards, guidelines and best practices
. Translate requirements for confidentiality, integrity and availability of data into a security architecture
Background
The Research and Architecture directorate supports projects with architecture design and advise on required capabilities and products meeting those requirements.
The directorate is currently implementing the Troux enterprise architecture management suite and wishes to document it's architecture, including the security controls in this suite.
Deliverables
1. Gap analysis of the current state architecture and industry best practice architectures
2. Future state architecture including description of required capabilities
3. Risk assessments and mitigations for transformation programmes and integration architectures.
4. Documented security patterns
Requirements
The candidate should have experience with the design of security architectures following industry best practice patterns.
Specific technical experience in a production environment of:
Firewalls: Nokia-Checkpoint, Juniper Netscreen, mainstream vendors
IDPS:mainstream vendors, host-based and network based intrusion detection.
SSL VPN: Mainstream products
VPN: Mainstream approaches
Web Access Management: Mainstream approaches
Authentication: Radius, Kerberos, Single-Sign On, Vasco tokens, Federation(SAML, WSFed), WebSSO, two factor authentication
Authorization: Role based access control, Rules based authorization
Network: LAN, WAN, SAN
Communication protocols: HTTP, TCP/IP, HTTPS,
Malware protection: Mainstream products
Enterprise Security Architecture: Zachman,TOGAF, SABSA
Application Development Platforms: Java, .NET
Operating Systems: Windows, Unix, Linux
Identity Repositories: LDAP, Active Directory, RACF
Enterprise Architecture Management Suite: Troux