The Information Security Architect will lead the efforts to secure our cloud and corporate ecosystem by guiding and monitoring the different IT/ Product/ Business teams to ensure organizational security, by designing a secure architecture of software /products/ conducting risk and threat analysis/ analyzing and managing a secure solution in the domain of infrastructure/ application while responding to specific stakeholders questions and needs.
What will your job look like?
Contribute and lead to the organizations Cloud Secured solutions architecture throughout project lifecycle (Business Development, Design, Development, Ongoing operations). Ensure security solution meets business and technical needs.
Maintain the organization's effectiveness and efficiency by defining, delivering, and supporting strategic plans for implementing information security.
Lead the security design throughout the project lifecycle and be accountable for security solution integrity.
Keep updated with emerging security threats and alerts. Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts.
Share and communicate end-to-end security solutions (orally and in writing) to executives, business sponsors, and technical resources in a clear and concise manner that is in the vernacular of each group.
Guide various product experts regarding the security solution.
Create and support POC/demos and present security solutions to client.
Develop, implement, and administer security policies, security foundations and security standards.
Requirements: All you need is...
5 years of proven experience as information Security Architect.
In-depth knowledge of security architectural consideration from End to End Applicative & Infrastructure security perspective.
Experience with Cloud solutions (IaaS, PaaS, SaaS AWS, Azure, GCP).
Experience with Office 365 security.
2-3 years of proven experience in defining security requirements, designing security architectures and security project implementation.
Experience in leading cross-domain solutions.
In-depth knowledge of information security concepts, design/architecture, and methodologies.
In-depth Knowledge with security aspects of OS-security, Database, Network, K8S, Serverless, IAM, WAF
Knowledge and experience with security controls and tools such as XDR, vuln MNG, WAF, API GW, CSPM, Siem and threat hunting.
Very high understanding of Encryption, Identity management, Federations, Logging monitoring and governance practices.
Knowledge of compliances (PCI DSS, Sox, DPA, etc.) and IS standards (ISO 27001, BS25999, ISO 2700X, OWASP, CIS, etc.).
Knowledge of SSDLC methodology procedures, CICD and DevOps Methods.
Security-related certifications (CCSP, CISSP, CISM, CISA, etc.) Advantage.
This position is open to all candidates.