Security architect

Location: Brussels
Date Prepared: October 17, 2024
Position Level: Senior

Job Purpose/Mandate:

The Security Architect is responsible for the design and implementation of our client's security strategy, specifically focusing on cloud (Azure) and MS365 environments. The role ensures the protection of critical infrastructure, data, and compliance with privacy laws. Our client is involved in Belgium's energy sector, managing large amounts of personal data and needs to adhere to stringent information security regulations.

Specific Duties and Responsibilities:

Design and Monitor Security Strategy: Develop and oversee the execution of the Azure cloud and MS365 security controls.
BYOD and Endpoint Security: Design and ensure the secure implementation of Bring Your Own Device (BYOD) and endpoint security solutions.
DevSecOps Implementation: Lead the implementation of DevSecOps practices, ensuring security integration across development pipelines.
Vulnerability Management: Oversee vulnerability scanning, analysis, and remediation efforts.
Security Incident Monitoring: Supervise security incidents and work closely with the Security Operations Center (SOC) to refine and improve use cases and response measures.
SDLC Security: Monitor the entire Security Development Lifecycle (SDLC), ensuring security reviews of changes and architecture to suggest improvements.

Technologies:

Microsoft Entra (including Entra ID, Domain Services)
Azure (IaaS, PaaS, SaaS), DevOps, Defender, Intune

Competencies and Qualifications:

Experience: Minimum 4 years as a Security Architect focusing on cloud security, with hands-on experience in Azure and MS365 environments.
Cloud Technologies: Demonstrable expertise in cloud security infrastructure (IaaS, PaaS, SaaS) and Azure-specific tools.
DevSecOps Practices: Strong knowledge of application security, threat modeling, and pipeline security.
Azure DevOps: Proven experience with Azure DevOps for security integration.
Microsoft Defender & Entra: Extensive knowledge of Microsoft Defender for cloud security and Microsoft Entra ID for identity and access management.

Growth and Skill Enhancement Opportunities:

Technical Skills:

Azure AI integration for security.
Advanced DevSecOps tools and techniques (IaC security, automation).
Threat hunting and incident response automation.
Zero Trust Architecture principles.
Advanced cloud encryption and privacy techniques.

Soft Skills:

Leadership in cross-functional security projects.
Strategic decision-making and risk assessment.
Effective communication with stakeholders.
Advanced problem-solving in cybersecurity.
Team mentorship and development.

Languages:

French or dutch: Native

English: Fluent

Role's Contribution to Company Growth:

The Security Architect plays a critical role in ensuring the integrity and confidentiality of our client's systems, which are fundamental to Belgium's energy market. This role ensures compliance with privacy regulations and secures large volumes of sensitive data, helping our client to remain a trusted entity in the sector.

Additional Certifications or Training:

Microsoft DevOps Engineer Expert (strongly recommended).
Certified Cloud Security Professional (CCSP).
Azure Security Engineer Associate.
ISO 27001 Lead Implementer.
Privacy certifications like Certified Information Privacy Professional (CIPP).