Description:
We are looking for an Security Architect to work on a project with our client based in Brussels, Belgium.
This role is a freelance contracted role for the duration of 6 months, and the option to extend. It is operated on a fully remote basis from within the European Union.
Responsibilities & Activities:
- Be a member of a dynamic team to design and implement a platform for mission critical applications.
- Develop and document architectural solutions and designs that incorporate security best practices.
- Ensure that security measures are aligned with the overall architectural principles and standards of the organization.
- Create high-level and detailed security architecture documentation, including threat models, security controls, and risk assessments.
- Collaborate with development and operations teams to integrate security measures into the overall platform.
- Oversee the deployment, configuration, and optimization of security tools and platforms, including HashiCorp Vault and Azure security services.
- Provide technical guidance and mentorship to implementation and operations teams on security best practices and technologies.
- Design and implement IAM solutions to manage user identities, permissions, and roles across the platform.
- Ensure robust authentication and authorization mechanisms, including multi-factor authentication (MFA) and role-based access control (RBAC).
- Manage and optimize Azure Active Directory (AAD) and related services.
- Design and implement HashiCorp Vault for secrets management, encryption, and access control.
- Develop policies and procedures for the usage and maintenance of Vault.
- Implement Azure security services, including Azure Security Center, Azure Key Vault, Azure Policy, and Azure Sentinel.
- Ensure compliance with Azure security best practices and guidelines.
- Collaborate with the infrastructure project team to align platform security design with the established cloud environment.
- Implement and manage security monitoring, detection, and response systems to identify and mitigate threats.
- Develop and maintain incident response plans to ensure timely and effective response to security incidents.
- Conduct regular security assessments, vulnerability scans, and penetration tests to identify and address security weaknesses.
- Create and maintain comprehensive documentation for security solutions, including architecture diagrams, security policies, and operational procedures.
- Stay up-to-date with the latest security technologies, features, updates, and industry trends to continually improve the platform's security posture.
Requirements:
- Bachelor’s or Master’s degree in Computer Science, Information Security, Information Technology, or a related field.
- Minimum of 7 years of experience in designing and implementing security solutions.
- Proven experience in architecture and design of secure systems, including identity and access management, encryption, and zero trust network security.
- Hands-on experience with security technologies, including but not limited to firewalls, intrusion detection/prevention systems, security information and event management (SIEM), and endpoint protection.
- Experience with HashiCorp Vault and Azure security services, such as Azure Security Center, Azure Key Vault, Azure Policy, and Azure Sentinel.
- Strong understanding of security architecture principles and best practices.
- Proficiency in designing and implementing security controls for cloud environments, particularly Azure.
- Experience with IAM solutions, including Azure Active Directory (AAD), MFA, and RBAC.
- Familiarity with monitoring and logging tools for security.
- Excellent problem-solving and analytical skills.
- Strong communication and interpersonal skills, with the ability to work effectively with cross-functional teams.
- Ability to manage multiple priorities and projects simultaneously.
- Proactive and self-motivated with a commitment to continuous learning and improvement.
- Relevant security certifications, such as Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), or equivalent, are preferred.