Security Architect

La Fosse has partnered with a global Manufacturing Leader who s looking for a Security Architect to join their team and provide strategic security advice and guidance in a complex, global environment.

This role will be pivotal in identifying and mitigating digital threats through comprehensive threat modelling and hands-on risk assessments.

Key Responsibilities:

• Provide expert security advice, requirements, and guidance during the delivery of new systems or updates to existing ones, emphasizing a "Security by Design" approach.
• Conduct in-depth threat modeling to understand how systems communicate and identify potential vulnerabilities, including areas like user authentication, MFA, and encryption (both at rest and in transit).
• Perform security-focused risk assessments and hands-on evaluations of new systems, services, and changes to ensure they align with the organization's risk tolerance.
• Collaborate closely with business units and IT teams to review solution designs, ensuring they adhere to existing security principles, standards, and best practices.
• Define, document, and implement core security patterns, standards, and guidelines, particularly around emerging technologies like SAP, Azure, IAM (Identity and Access Management), and OT (Operational Technology).
• Lead discussions on encryption standards, such as how to implement encryption for data at rest and in transit, ensuring a strong security posture for applications communicating across the network.
• Review current security processes to identify optimization opportunities, ensuring thorough coverage and adherence to Governance, Risk, and Compliance (GRC) standards.

Required Experience:

• Strong experience with common security frameworks, including NIST, CIS, ISO27001, and MITRE.
• Practical knowledge of threat modeling frameworks (e.g., STRIDE) and a deep understanding of communication flows, security risks, and mitigation strategies.
• Ability to engage in low-level technical discussions about encryption methods, data protection strategies, and IAM, ensuring comprehensive security coverage.
• Proven ability to balance security risks against business benefits, articulate these considerations clearly, and recommend appropriate mitigations.
• Excellent communication skills to bridge the gap between technical security teams and non-technical business stakeholders, helping them understand the importance of security in system designs.

For more information, please apply.