Cloud enviroment (advanced)
Data Privacy (advanced)
Risk Management (advanced)
We are looking for a Security Architect, one who is responsible for designing, building, testing and implementing security systems, across a large enterprise, its multiple offerings, and various lines of business.
The right candidate must thrive in high-pressure situations, thinking like both an attacker and defender, to drive engineering, development, and business teams to take the right actions in the right time frames to mitigate risks.
They are expected to have a thorough understanding of complex IT systems and stay up to date with the latest security standards, systems and authentication protocols, as well as best practice security products
We are looking for an individual who can balance technical risks against business risks and consistently drive for the right results.
A passion for engineering solutions to complex security challenges, recognize and fill gaps from a defense-in-depth perspective is essential.
The successful candidate will have a good mix of deep technical knowledge, a demonstrated background in Information Technology and Security and a keen understanding of policy.
We value broad and deep technical knowledge, although having a specialization in three or more of these domains is desired : Cryptography, Network, Infrastructure, Open Source Software, DevOps / CICD Pipelines, Virtualization, Cloud-Native Technologies, Application Security, Malware Analysis, Forensics, Security Operations, Incident Response, or an emerging technology are welcomed.
Strong leadership, project and team-building skills, including the ability to lead teams and drive projects and initiatives for multiple lines of business
Advise, Design, implement enterprise-class security systems for production environments, both internal and external
Review and compare current tools with emerging technologies to fine the best mix of performance, security, and cost across the platforms
Align company standards, policies, frameworks and security management directives with overall business and technology strategy
Identify and communicate current and emerging security threats
Design security architecture elements to mitigate threats as they emerge
Create solutions that balance business requirements with company information and security standards
Determines security requirements by evaluating business strategies and requirements; researching information security standards;
conducting system security and vulnerability analyses and risk assessments; studying architecture / platform; identifying integration issues;
preparing cost estimates.
Plans security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices;
designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software;
adhering to industry standards.
Implements security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration;
preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation.
Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
Exceptional communication skills with diverse audiences Strong critical thinking, analytical skills and empathy
10 or more years of experience as an Architect (Software, Solutions, Network, Security, etc.)
Policy (ISO, NIST, CIS) and risk management experience required
Data privacy and regulatory background is necessary (GDPR, Italian Data Privacy, etc)
Experience with Incident Response / Operations or addressing breaches, incidents
Experience with forensic analysis
Experience with C, Python, Java or Go a plus
Experience with IBM Cloud, OpenStack, AWS, or similar proprietary cloud environments
Experience with CICD and Development Pipelines
Experience with Docker and Kubernetes a plus
Experience with Agile design and Project Management methodologies
Workplace : 100% remote
Manpower Premium platform
PZU group insurance