Job Description
Intro:
Through Core BTS Resource Management Services (RMS), we offer custom talent solutions to help our clients meet their evolving technology and business needs. We help effectively match the right technology professional to their organization, recruiting for contract, contract-to-hire, and direct roles. Our client in (area/region) has an immediate need for a (job title). Please note that this is a (contract/contract to hire/direct hire) opportunity with our client and NOT with Core BTS.
Overview:
The Lead for Security Architecture plays a pivotal role in defining and executing the Security Architecture strategy in alignment with the organization's goals, under the guidance of the IT Security Head. This role involves leading the Security Architecture team and collaborating with managed service providers to ensure the design and compliance of the enterprise architecture support the organization securely and effectively. The ideal candidate will spearhead design reviews, enhance security measures within business environments, and foster strong relationships with key technical stakeholders to propagate secure design principles.
Key Responsibilities:
- Craft and refine the Security Architecture strategy, ensuring its alignment with business objectives and IT security goals.
- Spearhead the identification of security requirements by analyzing business strategies and technology needs.
- Facilitate effective communication with managed service providers and internal regional teams regarding security processes, personnel, and technology adaptations.
- Evaluate and endorse high-level and low-level design (HLD and LLD) requirements for network infrastructure and security tools managed globally.
- Lead the scrutiny of security solutions' proofs of concept alongside managed service providers.
- Champion the implementation of Security Architecture practices to meet precise business and technology requirements.
- Guide the selection and application of cybersecurity tools to improve security mechanisms.
- Oversee and refine the Security Architecture review process, ensuring business initiatives comply with security standards.
- Design and implement global security programs that enforce robust security protocols across various platforms and comply with relevant security, privacy, and compliance frameworks.
- Assess and enhance Security Architectures and reference designs for improved security and risk management.
- Serve as the principal liaison for security matters with regional CIOs, aligning global security strategies with regional business needs.
- Manage Security Architecture projects across different business domains, including sales, enterprise, and manufacturing.
- Lead the recruitment and management of Senior Security Architects and oversee the coordination with third-party service providers.
Qualifications:
- Bachelor's degree in IT, Information Systems, Business, Technology, or related fields.
- Possession of at least one advanced security certification (e.g., CISM, CISSP, CISA, CRISC).
- A minimum of 10 years in leadership or management roles within IT Security.
- Extensive experience (10+ years) with securing enterprise IT, cloud infrastructure, and implementing security technologies.
- Proven ability in leading secure architecture initiatives across diverse teams and technologies.
- Expertise in consulting and influencing IT Security strategies and practices.
Desirable:
- Proactive in embracing and leading change, fostering a culture of innovation, continuous improvement, and a security-first mindset.
- Highly motivated, results-driven leader with outstanding interpersonal and motivational skills.
- Exceptional analytical, communication, and presentation skills, capable of engaging effectively with the leadership team.
- Preference for candidates with multilingual abilities.
Security Architecture familiarity in the following areas:
- Security Roadmap
- Product Evaluation / Proof of Concept
- Security Innovation
- Network Security (WAN, Mail, DNS, DLP, Proxy, Crypto, etc.)
- Cloud Security
- EUC/Server Sec. architecture
- Data Classification
Thorough knowledge of Security Architecture frameworks and cybersecurity frameworks: SABSA, TOGAF, ISO 27001/27002, COBIT, BCM, IT Risk Management, ISA-TR99.00.01-2001, ISA-TR99.00.02-2004, FIPS Pub 1999, NIST 800 (37, 82, 53, 53A), NISTIR 7628, DHS Presidential Directive 7, NERC CIP v6.
Experience in risk management for Industrial Control Systems (ICS), Distributed Control Systems (DCS), and Internet of Things (IoT):
- Securing ICS, SCADA, DCS, embedded systems, and other Operational Technology against common and advanced persistent threats
- Plant, field, and mobile communications technology security
- Understanding of common IoT, ICS, SCADA, and DCS products and vulnerabilities
- Critical infrastructure protection and/or system critical function assurance
- IoT architecture and security
- Electronic hardware security
- Mobile data systems and technology
- Connected vehicle security related to infotainment and content, telematics, vehicle communications or autonomous operations.
Experience with organizational process improvement concepts and process maturity models (e.g., Capability Maturity Model Integration (CMMI)).
Cybersecurity audit preparation and response.