Enterprise Security Architect - req573
Proximus is the leading telecommunications company in Belgium and a market leader in a number of areas, including fixed-line telephony services, mobile communications services and broadband data and Internet services.
As a member of the Security Governance & Investigations department of Proximus, the Enterprise
Security Architect (ESA) supports 1/ the information security governance, risk and compliance (GRC) functions; 2/ the strategy definition (capability planning) and strategy execution for the delivery of new cyber security services; 3/ the modeling and documentation of the present state (as-is) security architecture and 4/ "building security in" (security by design) in the systems development life cycle, by developing and maintaining a central repository of architecture building blocks, conducting architecture risk analysis activities and providing architectural guidance.
You will create reference models and architecture patterns for use in policy definition and control placement, as well as for providing guidance to project architects in their business solution design activities. You will also design security management processes at the detailed operating level and act as solution architect for security services.
As a thought leader, you will develop visions and roadmaps when investigating new business processes
and technologies or applying existing technologies to solve business problems. You will present solutions and their justification to senior management and communicate strategies, policies and complex technical issues to both business and technical audiences.
You will develop effective working relationships with other enterprise architects, third party vendors and
delivery functions, ensuring overall strategic and architectural alignment.
We are looking for a multi-disciplined, tech-savvy and dynamic colleague to join our ESA team, who
is eager to contribute in delivering robust security solutions in the complex and challenging threat environment of today.
* Minimum 5 years of experience in information and cyber security architecture. Managed architectural work across the full life cycle from inception through to implementation.
* Applied and integrated a broad variety of security technologies, producing layered, defense-in-depth security architectures.
* Conciliated multiple stakeholder viewpoints, using architecture patterns and tradeoff scenarios.
* Applied Infosec industry standards (e.g., SANS 20) in large organizations.
* Maintained a holistic perspective on the security capabilities needed to support or deliver the enterprise's strategic goals and objectives. These capabilities cover a broad variety of security domains: IAM, EPP, Application Security, Cloud Security, etc.
* Acquired skills in general project management, systems development life cycle and architecture documentation.
* Applied multiple architecture development methods and languages: SABSA, TOGAF, Archimate, BPMN, UML…
* Process and component model development at the logical and physical level.
* Security tactics & design patterns in the context of threat modeling.
* Strong knowledge of the security domains and associated industry standards: cloud security, cryptography and key life cycle management, PKI, identity & access mgmt., API security, etc.
* General networking technology: routing & switching standards, SDN…
* Telco industry knowledge and experience are a plus.
* Proven team player with excellent communication, presentation and negotiations skills, and the ability to interface will all levels of the enterprise.
* Excellent analytical, conceptual, and problem-solving abilities.
* Ability to conduct research into emerging technologies and trends, standards, and products as required. Learns fast.
* Ability to effectively prioritize and execute tasks in a high-pressure environment.
* Proven leadership skills combined with a strong drive and orientation for results, ability to motivate self and others, and lead others towards a common goal.
* High integrity, work ethics and commitment.
* Strong decision making skills.
* Excellent influencing and facilitation skills, in particular in problem solving / troubleshooting activities.
* SABSA, CISSP, CISM, GIAC or similar Information Security certifications are a plus.
* Fluency in the English language in addition to your mother language (Dutch, French) - both verbal and written, with the ability to communicate clearly.
A professional and stimulating working environment in the telecommunications sector. Various career opportunities within the Proximus Group on a national and international level, high-quality training and a rich and acknowledged expertise. We also offer you an attractive remuneration with many fringe benefits.