Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data.
- Document and address SCFHS's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle.
- Perform cybersecurity reviews and identify gaps in security architecture, to develop cybersecurity risk management plans.
- Ensure that acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines.
- Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
- Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.
- Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents.
- Provides project consulting, evaluating proposed solutions including vendor products & services for information security architecture, risks and recommending alternative solutions or compensating controls.
- Performs security architecture / design reviews of projects, products and solutions and ensures they aligned in accordance with security policies and best practices to meet SCFHS Cybersecurity security requirements.
- Identifies gaps in project's security design, cybersecurity reference architecture, architecture design patterns and recommend security enhancements.
- Read and interpret technical diagrams, specifications, drawings, blueprints, and schematics relating to systems and networks.
- Recommend cost-effective security controls to mitigate risks identified through testing and review.
- Develop and address security architecture and systems security engineering requirements throughout the acquisition life cycle.
- Guarantee that acquired or developed systems and architectures are consistent with cybersecurity architecture guidelines.
- Read and translate technical diagrams, specifications, drawings, blueprints and schematics relating to systems and networks.
- Defines new security architecture patterns for advanced technologies such as IoT, AI, Metaverse etc.
Work Experience:
Minimum of 6 years of related experience in Cybersecurity Architecture and successful track record in leading and building Cybersecurity Architecture.
Educational Background:
Bachelor's degree in information, Cyber Security, Computer Science, Information Technology, or a related field.
- Relevant certifications such as CISSP, SABSA and GDSA are highly desirable.
Technical and Cybersecurity Competencies:
- Expertise in frameworks such as TOGAF, SABSA, and Zachman.
- Proficiency in designing security architectures that align with business requirements and industry standards.
- Familiarity with microservices, Service-Oriented Architecture (SOA), and cloud-native architecture.
- Understanding of layered defense models and Zero Trust architecture.
- Proficient in applying encryption, secure protocols, and cryptographic standards.
- Strong knowledge of firewalls, intrusion detection/prevention systems (IDS/IPS), and VPN technologies.
- Strong understanding of the Secure Software Development Lifecycle (SSDLC).
- Knowledge of application security testing methods, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Runtime Application Self-Protection (RASP).
- Proficiency with OWASP Top Ten vulnerabilities and their mitigation strategies.
- Experience with API security standards such as OAuth, JWT, and API gateways.
- Expertise in identity federation protocols including SAML, OAuth, and OpenID Connect.
- Experience with Zero Trust and identity-centric security models.
Seniority level
Employment type
Job function
- Marketing, Public Relations, and Writing/Editing
Industries
- Government Administration and Public Relations and Communications Services