IT Security Architect

Assess and understand current security architecture and posture and provide recommendations for improvement and risk reduction

Work closely with IT, Application, and data architects to develop an architectural framework and guiding principles that will define and maintain our future enterprise architecture

Plan and design an enterprise security architecture and document how the implementation of a new technology impacts the security posture of the current environment

Provide subject matter expertise to senior management and technical teams, and support the design, deployment, configuration, and monitoring / evaluation of a secure hybrid environment (on premises and cloud) in the areas of infrastructure (hardware, software, and networks), secure application development, and secure data management

Define and communicate security requirements with business and technical teams for new corporate projects and business operations

Perform security assessments, identify gaps, and provide recommendations to improve overall enterprise security and to ensure compliance with regulatory and security requirements

Research and propose new solutions for Cloud Security, Network Security, Perimeter Defense, Identity and Access Management, Vulnerability Management, Secure SDLC (Software Development Life Cycle)

Perform planning, deployment, testing, and documentation of new security solutions or enhancements to existing security solutions in accordance with security best practices

Participate in the design and execution of vulnerability assessments, penetration tests, security audits, and Threat Risk Assessments, providing recommendations on risk avoidance, mitigation, and issue resolution

Implement recommendation actions and apply fixes to address gaps identified by assessments and compliance tools such as Azure / 365 compliance centers, Microsoft Defender for Cloud and Qualys

Identify and prioritize system functions required to promote continuous availability of critical business processes and assist in planning, developing, and testing enterprise Disaster Recovery and Business Continuity Plans

Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures)

Provide input on security requirements to be included in requests for proposal (RFPs), statements of work (SOWs), and other procurement documents

Manage enterprise security systems including but not limited to firewalls, VPN, IPS / IDS, Key Vaults, PKI, EDR, Antimalware, Vulnerability Scanners, network Terminal Access Point, SIEM, and PIM

What you must have :

Degree in Information Technology or equivalent

Certification in one or more of the following : CISSP, CISM, GISP, CRISC, CISA, TOGAF, or Sherwood Applied Business Security Architecture (SABSA), CCSP

Strong knowledge of relevant industry standards such as ISO 27001, NIST, and ITSG-33

Previous relevant experience in IT security architecture; and Extensive Azure / O365 / Dynamics / Power Platform Cloud experience is a must.

Microsoft Certified : Cybersecurity Architect Expert is a must.