Senior Cloud Security Architect
- Steer and manage the cloud security architecture, including the in statement of processes, standards, design patterns and architecture blueprints including metrics and KPIs.
- Steer guide and train architects, security architects and engineers to integrate security within the company's projects and solutions.
- Act as subject matter expert on cloud security architecture and secure designs
- Manage relationships security vendors
- Provide security consultation for teams and projects including end to end risk assessments
Knowledge and experience
- Bachelor/ Master/ PhD degree in Computer Science / Information Technology or equivalent experience
- Minimum 10 years of relevant hands on experience in security engineering
- Minimum 5 years demonstrating expertise in security architecture
- Strong background in security architecture with a solid understanding of security concepts, best practices, threats, vulnerabilities, risks, and policies
- Strong understanding of complex enterprise networks and large mix vendor network environments
- Proven experience in designing conceptual security architecture for cloud environment (Public, Hybrid & Private)
- Experience with planning of cloud migrations as a security expert including the securing of applications transformation to PaaS/SaaS models.
- Extensive background in the research, adoption and implementation and operation of commodity and innovative security solutions and their cloud equivalents (e.g. IDS/IPS, Firewalls, Application Firewalls, Anti-Virus/HIPS, Mail Filters, Secure Gateways, etc.)
- Strong foundation in various network and host security domains such as cloud computing, virtualization, remote access, network availability and resiliency, device hardening, network segmentation and zoning, mobility, collaboration and more
- Deep understanding of the TCP/IP protocol stack and major protocols
- Experience in security controls for WAN, LAN, and WLAN architectures
- Policy development pertaining to network security architecture and design
- Strong experience in Threat Modeling of complex security systems
- Experience in defining security architecture roadmaps for a large or complex organizations (desirable)
- Experience with working with architecture and security architecture frameworks such as TOGAF or SABSA (desirable)
- Solid understanding of ISO2700 series, NIST control framework, CSA or similar is experience advantageous. Privacy knowledge desirable (GDPR). Desirable qualifications include: CISSP, CCSP, or similar.
- Policy and process development for the integration of security architecture throughout the IT organization
- Strong background experience in cyber security, working within large and complex organisations.
- Experience in managing large scale projects and vendor performance
- Strong experience in documenting audit findings and escalating residual risk.
- Strong consulting experience in projects and digital transformation.
- Excellent written and spoken English, and able to effectively communicate to technical and non-technical audiences. The same in German is advantageous.
- Self-starter, able to take initiative and identify information/cyber risk within the business.
- Strong Stakeholder Management experience at all levels.
- Team player, with a customer/business-centric approach.
- Ability to translate complex security risks into simple business requirements.
- Strong experience in auditing controls against policies, standards, and frameworks.
- Ability to raise awareness about Security best practices to business audiences.