Security Architect

This is a remote position.

Mission of Softgic:
In Softgic S.A.S. we work for the digital and cognitive transformation of our clients aware that quality is an essential factor for us we incorporate the following principles into our policy:

What makes you a strong candidate:

• You are expert in Cybersecurity DevOps IP (Internet Protocol) and Technology architecture.
  
• You are proficient in Encryption ISO/IEC 27001 and OWASP Top 10.
  
• English Conversacional.
  

Responsibilities and more:

• Design develop review and implements security designs for new or existing technology system(s).
  
• Establishing and maintain trust relationships with the business and project teams through active engagement clear accountability and expectations and frequent communication.
  
• Collaborate with other teams and departments to fit security requirements with other constraints such as business requirements or technology limitations.
  
• Provide business and project teams with cybersecurity expertise by participating in scoping planning and executing cybersecurity related tasks.
  
• Provide feedback and approval for system and application designs and architectures as relates to adherence to security principles and company security policies and develop a security risk management plan for noncompliance.
  
• Provide input on security requirements to be included in statements of work and other appropriate procurement documents.
  
• Create and maintain architecture design artifacts such as diagrams and documentation.
  
• Interpret output of activities such as penetration tests and application security scans translating into actionable remediation requirements.
  
• Analyze current technology environment to identify deficiencies and recommending solutions staying abreast of emerging security technologies and trends and apply them where appropriate.
  
• Educate and mentor project team members in areas of security best practice and company security policies.
  
  

Requirements

• 5 years of experience.
  
• Certified Information Security System Professional (CISSP) certification or equivalent.
  
• Proven experience as a technical architect in multiple fields of IT (e.g. network storage server client web/application cloud etc.) with the ability to understand security best practices and implications across all fields.
  
• Handson experience implementing modern security architectures.
  
• Excellent knowledge of cybersecurity risk evaluations for applications and systems.
  
• Adept in translating security requirements into actionable controls and measures.
  
• Background in securing onprem cloud and hybrid systems in theory and practice including secure architecture design concepts.
  
• Understanding of DevOps principles "shift left" philosophy.
  
• Strong experience with common web application security concepts such as the OWASP Top 10 and their practical implementation.
  
• Understanding of application development secure coding techniques.
  
• Experience with multifactor authentication single signon identity federation identity management and related technologies for both cloud and onprem environments and SaaS solutions.
  
• Experience with vulnerability management methodologies and implementations.
  
• Solid understand of intrusion detection and prevention solutions and techniques.
  
• Experience with encryption technology and industry best practices for practical implementation including Key Management (e.g. PKI HSM etc.)
  
• Security audit and assessment experience (e.g. ISO27001 NIST 80053 etc.)
  

Benefits

• Recognized as a Great Place to Work.
  
• Opportunities for scaling and growth.
  
• Paid time off.
  
• Support for formal education and certifications.
  
• Benefits with partner companies.
  
• Referral plan.
  
• Flexible working hours.