Senior Security Architect
Publiée le 04/10/2024
SOPRA STERIA PSF
Sopra Steria Group, a major player in consulting, technology services and software publishing in Europe, assists its clients in the successful transformation of their business and information systems. By combining value and innovation in the solutions proposed, and delivering utmost quality and performance in the services provided, Sopra Steria Group positioned itself as a preferred partner for major companies and organizations; especially those looking for the best use of digital technology for their development and competitiveness.
The Senior Security Architect holds a critical position, ensuring that our corporate information systems not only comply with but also excel beyond the standards such as CMMI and ISO.
This role demands a sophisticated blend of compliance oversight coupled with a robust technical skill set in planning, prototyping, engineering, implementing, operating, and monitoring complex information systems.
The architect will ensure systems' security, enhance operational efficiency, and guarantee adherence to necessary regulatory compliance standards, with a particular emphasis on cloud solutions.
Activities (Proactive and Reactive):
- Good knowledge of compliance standards: spearhead compliance projects to certify that all corporate information systems meet or exceed these benchmarks.
- Expert system architecture and engineering: perform detailed hands-on work related to designing, prototyping, and engineering of cybersecurity solutions, extending to configuring and operating cloud Security. Evaluate and enhance existing systems for better efficiency and compliance, and design new cybersecurity architectures to fulfil evolving requirements.
- Operational excellence and security management: oversee the daily operations of cybersecurity systems (e.g. Vulnerability Scanners), prioritizing stability, performance, and security. Implement continuous monitoring strategies to detect and actively remediate vulnerabilities to meet SLA requirements, including cloud security capabilities to safeguard information integrity and reliability.
- Strategic stakeholder engagement: collaborate with internal stakeholders, including Service squads, operational leaders in various CoEs, and senior management, to ensure that cybersecurity practices are seamlessly integrated with organizational strategic goals and compliance demands.
- Audit, reporting, and progressive improvement: conduct comprehensive audits of information systems to assess compliance with required standards and identify improvement opportunities. Generate detailed reports on audit outcomes, system performance, and compliance status. Lead efforts to mitigate gaps and enhance system capabilities, with an emphasis on continuous improvement.
- Knowledge sharing and mentorship: Offer expert advice and training to team members and stakeholders on compliance standards, best practices in system security, and technical procedures, including those related to cloud security solutions. Ensure all team members possess the necessary knowledge and skills to support compliance and security efforts effectively.
Your profile:
- Ten or more years of experience in multiple IT areas.
- At least five years working in medium- to large-scale IT environments as a security architect or other security design functions.
- Advanced Cybersecurity knowledge and experience is required.
- Exposure and knowledge to industry standards (e.g. CMMI, ISO 9001) is an important asset.
- Cloud- certification or proven expertise in AWS security solutions are a plus.
- University degree in Information Technology, Computer Science, Cybersecurity, or related field. In lieu of a degree, equivalent years of experience in information technology, system architecture, and/or cybersecurity will be considered.
- Advanced Cybersecurity Certification (e.g. CISSP, CISM, or equivalent) is a differentiator.
- Very good understanding of network security concepts.
- Excellent understanding of authentication and authorisation mechanisms and protocols
- Cryptography and latest cryptographic standards, including PKI
- Working knowledge of the OWASP Top 10
- Full-stack knowledge of IT infrastructure: applications, databases, operating systems — Windows, Unix, and Linux, IP networks — WAN and LAN, knowledge of DevSecOps, knowledge of API Architectures
Soft skills:
- Ability to work and communicate in a multi-cultural environment.
- Service-oriented mindset.
- Ability to communicate in writing and verbally in a clear and concise manner.
- Initiative, accuracy, and attention to detail.
- Fluency in English and French (written and spoken) is essential.
We Offer :
Do you want to be part of a Great Place To Work certified company?
We offer the opportunity to work in a fast growing and dynamic team on challenging national and international projects in different industries. We also offer the opportunity to continuously deepen your knowledge and to further develop your personal competencies.
If you want to boost your career and join a growing European leading IT services company, do not hesitate to check this opportunity and send us your resume.