Senior Security Architects
No. of vacancy : 2
Experience :Minimum of 7 years of proven experience in cybersecurity roles.
Location : This will be remote and in Ireland timezone
Budget: Suitable to market condition
Work Periods: 12 months engagement. Extendable based on performance.
Job Overview:
We are basically looking for a highly skilled and experienced Senior Security Architect with a minimum of 7 years of hands-on experience in cybersecurity. The ideal candidate must be well-versed in Governance, Risk, and Compliance (GRC) practices, possess expertise in threat modeling and vulnerability management, and demonstrate proficiency in various security tools and technologies. This role would require a proactive individual who can define and implement robust security strategies while staying abreast of the latest threats and mitigation techniques.
Key Responsibilities:
GRC Expertise:
- Understand and implement Governance, Risk, and Compliance strategies.
- Work with related platforms to ensure regulatory compliance.
Threat Modeling & Vulnerability Management:
- Define, manage, and execute a comprehensive threat model.
- Develop and implement a vulnerability management strategy.
Vulnerability Scanning:
- Utilize tools such as Skybox, Dynatrace, Qualys, and Archer for vulnerability scanning applications.
- Address and remediate identified vulnerabilities.
CVE Remediation:
- Demonstrate a deep understanding of Common Vulnerabilities and Exposures (CVE) and implement effective remediation strategies.
DevSecOps and Tooling:
- Hands-on experience with DevSecOps practices.
- Proficiency in Security as Code (SAC) and related SAST/DAST tooling.
Training and Upskilling:
- Train and upskill engineering teams on Security as Code methodologies.
- Provide guidance on the integration of security practices within the development lifecycle.
Qualifications and Experience:
- Bachelor’s or Master’s degree in Computer Science, Information Security, or related field.
- Minimum of 7 years of proven experience in cybersecurity roles.
- Strong understanding of GRC frameworks and practices.
- Extensive experience in threat modelling and vulnerability management.
- Proficiency in using vulnerability scanning tools such as Skybox, Dynatrace, Qualys, and Archer.
- In-depth knowledge of CVE remediation strategies.
- Hands-on experience with DevSecOps practices and SAST/DAST tooling.
- Proven ability to train and upskill engineering teams on Security as Code