Our client is a European Union Agency responsible for the operational management of large-scale IT systems that support the implementation of the EU's policies in the areas of freedom, security, and justice.
The agency plays a key role in enhancing the security of the EU by ensuring the efficient and secure operation of critical IT systems, contributing to the safety and well-being of European citizens.
We are looking for a highly skilled and experienced SecurityArchitect who is passionate about cybersecurity and committed to protecting critical IT systems The most important and mandatory requirement is experience in CISCO ACI and a good level of English.
No deadline.
Task description â?¢ Support the Agency's Security Officers in developing and maintaining the securityarchitecture of the agency in collaboration with the Enterprise Architect; â?¢ Create and manage security standards, design patterns and reference architectures; â?¢ Analyse and define Solution security requirements for networks, corporate applications/systems, end user computing, mobile devices and applications and data center technologies and solutions; â?¢ Develop and maintain the organizational security technology framework; â?¢ Ensure that IT Security controls implementations meet the requirements of all regulatory requirements or contractual requirements; â?¢ Work with the Security Officer and IT teams to ensure that implemented security technologies are integrated and fully utilized as intended in the protection of agency information systems; â?¢ Monitor and analyse trends in IT Security; â?¢ Develop strategic and detailed technical roadmaps of the enterprise security environments and the associated technologies required to deliver these solutions on a global basis; â?¢ Develop the business, information and technical artifacts that constitute the enterprise information securityarchitecture and solutions; â?¢ Research, evaluate, design, test, recommend and plan the implementation of new or updated information security technologies.
Education Minimum 4 years of relevant education (master or equivalent) after the secondary school.
Additional needed qualification, knowledge and skills :
â?¢ Advanced knowledge of core domains of IT Infrastructure, such as Data Networks, Server and Desktop hardware and Operating Systems, Messaging, Collaboration, Storage and Backups, and related monitoring and management systems; â?¢ Security-specific architecture methodology, e.g.
SABSA; â?¢ Securityarchitecture models, security strategy development, and compliance management; â?¢ Mobile Architecture, Network and Application Security and/or Data protection; â?¢ Secure development processes; â?¢ Application Security Vulnerabilities such as OWASP Top 10, CWE/SANS Top 25 and remediation approaches â?¢ Cybersecurity control good practice such as the SANS Top 20 Critical Controls; â?¢ IT audit/assessment frameworks:
ISO-standards; NIST, CobiT and industry standard application development methodologies; â?¢ Enterprise authentication authorization and identity management schemes (Active Directory, LDAP, etc.); â?¢ Technical security controls such as firewalls, IDS/IPS, vulnerability management, web application firewalls, security gateways, WiFi, mobile security, DLP, public key infrastructure, encryption and authentication techniques; â?¢ Relational databases, middleware applications, collaboration and document management solutions; â?¢ Cloud native security technologies; â?¢ XML, Web Services and SOAP protocols, both in client and server, as well as dynamic languages such as Objective-C, VBScript, JavaScript; â?¢ Network and web related security protocols (TCP/IP, UDP, IPSEC, HTTP, HTTPS, SMTP, SNMP, ICAP, etc.); Expected to possess one or more of the following qualifications :
â?¢ Certified Information Systems Security Professional with Information Systems SecurityArchitecture Professional concentration (CISSP-ISSAP); â?¢ Certified Information Security Manager (CISM); â?¢ Certified Information Systems Auditor (CISA); â?¢ TOGAF certification; â?¢ Other similar credentials.