ICT Security Architect
What you will do
- The creation and maintainance of IMEC’s security architecture principles
- The creation and maintenance of reference security architectures for different domains (internal applications, application functionality exposed to outside world, IOT, production environments, network components, authentication, data, ...
- Leading security initiatives and ensuring their successful execution together with our project managers team
- Align standards, frameworks and security with overall business and technology strategy
- Maintain security by ensuring compliance to standards, policies and procedures.
- Identify and communicate current and emerging (cyber-)security threats
- Design security architecture elements to mitigate threats as they emerge
- Create solutions that balance business requirements with information technology and cyber security requirements;
- Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
- Driving security architecture requirement workshops, developing solutions, integrating security into solution design
- Train and educate users and developers on security best practices and procedures.
What we do for you
Who you are
- We are looking for a highly motivated person with 5 years’ experience or more in:
- Security architecture, demonstrating solutions delivery, principles and emerging technologies;
- Designing and implementing security solutions. This includes continuous monitoring and making improvements to those solutions;
- The development and design of security best practices and implementation of solid security principles across the organisation, to meet business goals along with customer and regulatory requirements
- Security considerations of cloud computing and specific security controls required to mitigate the risks introduced by using cloud computing;
- Identity and access management (IAM) – the framework of security policies and technologies that limit and track the access of those in an organisation to sensitive technology resources;
- Knowledge of international standards and frameworks with regards to information and cyber security such as the ISO 27000 series and NIST 800 series of standards.
- Excellent communication skills with diverse audiences
- Strong critical thinking and analytical skills
- Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects
- The ability to be an enterprise security subject matter expert who can explain technical topics to those without a technical background.