Security Architect

La Fosse has partnered with a global Manufacturing Leader who s looking for a Security Architect to join their team and provide strategic security advice and guidance in a complex, global environment. This role will be pivotal in identifying and mitigating digital threats through comprehensive threat modelling and hands-on risk assessments. Key Responsibilities:Provide expert security advice, requirements, and guidance during the delivery of new systems or updates to existing ones, emphasizing a "Security by Design" approach.Conduct in-depth threat modeling to understand how systems communicate and identify potential vulnerabilities, including areas like user authentication, MFA, and encryption (both at rest and in transit).Perform security-focused risk assessments and hands-on evaluations of new systems, services, and changes to ensure they align with the organization's risk tolerance.Collaborate closely with business units and IT teams to review solution designs, ensuring they adhere to existing security principles, standards, and best practices.Define, document, and implement core security patterns, standards, and guidelines, particularly around emerging technologies like SAP, Azure, IAM (Identity and Access Management), and OT (Operational Technology).Lead discussions on encryption standards, such as how to implement encryption for data at rest and in transit, ensuring a strong security posture for applications communicating across the network.Review current security processes to identify optimization opportunities, ensuring thorough coverage and adherence to Governance, Risk, and Compliance (GRC) standards.Required Experience: Strong experience with common security frameworks, including NIST, CIS, ISO27001, and MITRE.Practical knowledge of threat modeling frameworks (e.g., STRIDE) and a deep understanding of communication flows, security risks, and mitigation strategies.Ability to engage in low-level technical discussions about encryption methods, data protection strategies, and IAM, ensuring comprehensive security coverage.Proven ability to balance security risks against business benefits, articulate these considerations clearly, and recommend appropriate mitigations.Excellent communication skills to bridge the gap between technical security teams and non-technical business stakeholders, helping them understand the importance of security in system designs.For more information, please apply.