Security Services Architect Consultant HydroExtrusions is a world-leading aluminum extrusion business with approximately 100 production sites in 40 countries and employing 20,000 people.
Through our unique combination of local expertise, global network, and unmatched R&D capabilities, we offer everything from standards profiles to advanced development and manufacturing for many key industries.Hydro is currently strengthening the organization within the area of Cyber Security Services.
As a result, Cyber Security Services/Security Engineering is looking for a proficient Security Services Architect to lead the recently formalized security architecture capability/discipline for the Hydro group.The position will be responsible for implementing Security Architecture as the means to plan and design security consistently and coherently.
Leading the efforts to translate cyber risks into executable security requirements along with designing and guiding the implementation of security controls.
This position will collaborate with a large network of stakeholders from enterprise domain architects, the professional cyber security functions, CISO, security solution architects, security engineers, security operation, SOC teams, risk managers, application, and product owners.
The position reports to the Manager of Security Engineering and is part of the Cyber Security Services.Responsibilities:Own the Security Architecture capability/discipline and ensure it is operational as desired;Lead the efforts of defining, prototyping, and developing security reference architecture, methodology, models, and security controls in alignment with requirements from the architecture teams, technology teams, and CISO organization;Lead the adoption and implementation of relevant cyber security frameworks and standards;Translate information security policies into a technical security control framework, security architecture blueprints, and socialize across the organization;As a trusted advisor, you will be the security go-to-person on the relevant architecture boards and cyber security services/security engineering team;Develop security standards and drive improvements based on IT/Security strategy, Cyber Security related operation developments, project feedback, and other sources;Oversee the life-cycle of security architectures/solutions from the conceptual, through logical, physical down to component and service management/operation layer.Qualifications:Degree in IT areas;Specialization in information security areas either in software and/or infrastructure including both architecture and operation (e.g., Log management, Vulnerability management, Firewall).Requirements:Strong experience with technology and IT;Desirable experience or knowledge with OT/ICS security;Experience in working in a larger international environment and delivering through virtual teams;Strong verbal and written skills in English;Strategic and result-oriented with an analytical mindset;Leadership, facilitation, and orchestration skills;Familiar with agile approaches of digital product development;Experience in security audit field;Proven knowledge of ISO security standards (ISO27001, ISO22301 or equivalent);Proven knowledge of international security frameworks and methodologies (NIST, SABSA; TOGAF or equivalent);Experience in cloud security (e.g., AWS or Azure certification);Strong track record of implementing IT security policies and controls through various departments and hierarchy levels;Ability to communicate with technical and non-technical stakeholders equally.All opportunities are open to people with disabilities (PWD) and rehabilitated by the INSS.Department: GBS IT Security Operations Center#J-18808-Ljbffr