Hays Luxembourg is searching for one of his client a security architect (M/F).

Ensures that the technical security requirements necessary to protect the organization’s needs and business processes are adequately addressed in all aspects of enterprise architecture;
● define, establish and maintain security architectures, strategies and methodologies;
● elaborate the Security Architecture in close collaboration with all the teams involved to ensure the development of solutions in accordance with the corporate security policies and standards.
Activities:
Methodology & guidelines
● Define and review on an ongoing basis security architectures and strategic roadmaps to ensure alignment with both business and IT strategies;
● Deliver methodologies, processes and a governance framework to IT Teams;
● Define a roadmap and secure architecture, and implementation of necessary security controls aligned with company policies;
● Serves as a principal source of information on rules and procedures governing security operations;
● Ensures projects comply with the company’s information security policies;
● Trains new security officers or other personnel and provides on-going direction;
● Align local requirements from NIS Standards.
Security designs
● Design cloud security solutions in hybrid and/or cloud enterprise environment;
● Collaborate with other cloud solution architects in developing complex end-to-end Enterprise solutions;
● Ensure that the solution exhibits “Secure by Design” or “Well-Architected” framework, such as high-performance levels, security, scalability, maintainability, appropriate reusability, and reliability upon deployment;
● Supporting other Architects (application, infrastructure, DevSecOps, cloud etc.) for the security aspects within their disciplines.
Security Assessments
● Performs security project and supplier security assessments;
● Evaluate security architectures and designs to determine the adequacy of security design and
architecture proposed;
● Acts as the main point of contact for all security assessment and remediation advices;
● Review Vendor Security Questionnaires and/or Vendor Onsite Security Reviews.

Knowledge:
● Solid understanding of security protocols, cryptography, authentication, authorisation and
security;
● Solution support for security transformation/implementation programs;
● Experienced in Application architecture and security management;
● Knowledge in Privileged access management technologies;
● Experienced in host hardening, auditing, logging and monitoring, network security, SEIM deployments, security analytics, anomaly detections;
● Market understanding of industry trends for security, risk & threat intelligence, and governance;
● Proven implementation of cloud security models, particularly identity, network, and encryption;
● Extensive experience in information security and/or IT risk management with a focus on security, performance and reliability;
● Good communication, to provide support and guidance to developers;
● Ability to design and implement new work processes for greater efficiency.
Tools:
● Demonstrated understanding of cloud security technologies and strategy of multiple cloud providers such as Azure, AWS and/or GCP;
● Solid understanding of security best practices and frameworks such as frameworks, such as ISO/IEC 27001, NIST and OWASP.
Soft skills:
● Critic and synthetic mind;
● Very good presentation skills;
● Experience of functional architecture or analysis in IT, with a proven ability to understand business issues and to structure functional specifications;
● Proactivity; Autonomy; Curiosity;
● Ability to work under pressure and time constraints;
● Ability to operate effectively with people at all levels;
● Effective communication skills;
● Team spirit;
● Positive attitude. #1334654