Job Description:
The Cyber Security Architect will work closely with the solution architects and enterprise architects to improve and maintain the cyber security of NAVBLUE’S products, services and infrastructure. The ideal candidate will play a critical role in designing and implementing cybersecurity frameworks to align with the business objectives and mitigate potential threats.
Main Responsibilities:
* Perform Security Risk and Threat analysis during the initial design and the Software Development Life Cycle planning, analysis, and design phases. Providing recommendations and requirements for mitigating any security weaknesses identified while defining Non-Functional Requirements in coordination with Solutions Architects.
* Ensure Security by Design is embedded within the Software Development Life Cycle, while ensuring that all security requirements have been applied before product or function release.
* Analyse and interpret security scan results and vulnerability reports to develop prioritized remediation strategies, working closely with IT, Development and Hosting teams to address vulnerabilities effectively
* Engineer and implement security controls based on industry standards while continuously evaluating and enhancing our security infrastructure
* Collaborate with IT, DevOps and SecOps teams to architect, configure and implement security monitoring and defense tools (is. SIEM, IDS/IPS, ASM, WAF) to safeguard against security breaches, cyber threats and unauthorized access
* Report on and assist with all security events and incidents.
* Oversee Security testing, including penetration testing and vulnerability scanning
* Ensure products compliance with security standards and regulations
* Ensure NAVBLUE Security strategy deployment within technical operations
* Ensure effective synchronization and alignment with Airbus Security Organization
Education:
* Bachelor’s degree in technical discipline
* Training and education in cyber security principles
Experience:
* 5+ years of Security Architecture/Engineering, and/or Network architecture, and/or Security Operations and/or Experience in software development; software architecture an asset.
Licensure/Certifications:
* Industry certification (i.e. AWS CSA, ISC2 ISSAP, SABSA SCF or similar)
Knowledge, Skills, Demonstrated Capabilities & Competencies:
* Familiarity with various security certifications such as ISO2700, NIST, etc., sufficient to provide immediate leadership and guidance to individuals, teams and departments in meeting the organization’s security requirements
* Excellent management, analytical and problem-resolution skills
* Working knowledge of the SDLC and AWS network architecture
* Knowledge of the SAFe Agile method would be an asset
* Understanding of security testing in the software pipeline (SAST, DAST, SCA, RASP)
* Knowledge of STRIDE, DICE and other threat and risk frameworks
* Knowledge of AWS tools
* Proven experience managing multiple projects simultaneously
* Practical interpersonal skills; adaptable to all levels of the organization
* Ability to contribute in a collaborative environment
Communication Skills (Spoken, Written, Influencing, Proficiency in Other Languages):
* Capable of influencing individuals at all levels of the organization to drive and implement change while identifying and minimizing the impact of risks
* Excellent communication skills in English (both written & verbal), including staff presentations
Technical Systems Proficiency:
* Incident Management Systems
* Cloud security management tools like CNAPP, CSPM, CWPP, and CIEM.
* Security risk assessment methodology (EBIOS RM)
* Security Requirement Definition and Review
Travel Required:
* 10-15% Domestic and International
This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.
Company:
NAVBLUE, Inc.
Employment Type:
Permanent
-------
Experience Level:
Professional
Job Family:
Cyber Security