Within the Security Operations Center and under its governance, the Security Architect maintains and suggests monitoring and analysis tools. They create a security architecture and work with developers to ensure this architecture is part of the development cycle. They develop tools and solutions that allow organizations to prevent and respond effectively to attacks and document procedures, requirements, and protocols.
• Determine security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates
• Implements security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation
• Verifies security systems by developing and implementing test scripts
• Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs
• Manage, maintain, and monitor security technologies such as vulnerability scanning solutions, IDS/IPS, anti- virus technologies, SIEM technologies, host forensics and malware analysis, web application firewalls and proxy solutions.
• Support Information Security training and awareness by providing ideas and content, assist HR with employee security awareness education and training.
• Upgrades security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements
• Create and review vulnerability reports, track compliance with vulnerability management policies and procedures in accordance to established ISO 27001:2013 guidelines.
• Prepares system security reports by collecting, analyzing, and summarizing data and trends
• Reporting to the Chief Information Security Officer
• Position to be filled in Torino, Italy
QUALIFICATIONS AND EXPERIENCE:
(P) = Preferred, (R) = Required
• Proven experience within information security within security architecture, owning roadmaps and leading architecture (R)
• Professional experience with all aspects of an IT project from security requirements, security design through development, testing, implementation, and production (R)
• Background in Software development (P)
• Deep understanding of the security domain specific technologies and systems for domains such as networking and infrastructure (R)
• Ability to design and incorporate security designs in new, legacy, and in-progress environments undergoing general IT transitions / upgrades
• Excellent written and oral communication skills, as well as interpersonal skills including the ability to articulate to both technical and non-technical audiences (R)
• Security components (firewall, WAF, log management, NAC, IPS, IDS, HIDS, SIEM…) (R)
• System/Application vulnerabilities and exploitation (P)
• Cyber/operation security, network security and application security monitoring
• experience (P)
• Cloud technology (SaaS, IaaS, PaaS) and associated digital forensics and incident
• response techniques (P)
• MS Office Products (R)
• Fluency in English (oral and written) (R)