Cyber Security Architecture & Design Master [ABC0001591]

13.09.2021, počet zobrazení: 1825

Náplň práce

Designs the security requirements necessary to protect the organization’s mission and business processes and implements them in all aspects of enterprise architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and business processes. Owns the security transformation projects end-to-end including final verification & testing.

Special focus of this role is towards securing the hybrid on-premise & cloud environment of SUSE, working closely with the IT and the Engineering & Innovation teams.


Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data from community/public to Common Criteria certified and NDA classified
Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements
Ensure that SUSE system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines.
Identify and prioritize critical business functions in collaboration with organizational stakeholders.
Perform security reviews, identify gaps in security architecture, and develop a long-term architecture improvement plan.
Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.
Analyze candidate architectures, allocate security services, and select security mechanisms.
Evaluate security architectures and designs to determine the adequacy of security design and architecture including user needs analysis and propose a target design.
Translate proposed capabilities into technical requirements.


Education and Experience Required:

Typically 8+ years of relevant experience.
Relevant University degree and/or recognized industry certifications are plus, but not required.
Knowledge and Skills:

Extensive hands-on expertise in public cloud & containers (AWS, Kubernetes) security
Ability to communicate effectively when writing.
Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
Ability to apply network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations.
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
Knowledge of authentication, authorization, and access control methods.
Knowledge of organization's enterprise information security architecture.
Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
Knowledge of multi-level security systems and cross domain solutions.
Knowledge of the enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures.)


More info

Kontaktní osoba

Jméno Niki Kostova
Odpovědět >


Podobné inzeráty