Architecte Sécurité Cloud-Client final - CDI - Aix en Provence
Global leader of electronic components and the first European manufacturer of semi-conductors.
The company designs, manufactures and sells smart solutions and products of daily life which consume little energy and contribute to make driving, factories, cities more “Intelligent”.
They enable the development of new generations of mobile phones ad well as Internet of things.
My client is recognized for its cutting-edge innovation technology.
Reporting to the CIO, the RMIS (Risk Management, Information Security and compliance) department is in charge of information security in the company and risk management and compliance within the Digital Information Technology (DIT) organization.
Within the “security engineering and architecture” department of RMIS, we are searching for a security architect to strengthen the team.
The position can be located in one of the following sites: Aix-en-Provence or Grenoble
* Role and responsibilities:
1/ Validate security in design of IT solutions in all domains (business applications, R&D, manufacturing, IT infrastructure).
2/ When security gaps are identified in IT solutions (existing or proposed ones), recommend enhancements and help resolving those gaps with the solution and technical architects.
3/ Improve the architecture security principles, patterns and related tooling used by the architects, according to the evolution of technology, evolution of security threats and company needs.
4/ Participate to selection, design and build of security solutions, as part of the “security engineering” activities.
5/ Be the referent expert in the team for cloud security (AWS, Azure, SaaS).
The job holder will:
- Work closely with enterprise architects, solution and technical architects.
- Work closely with project managers and IT experts.
- Work closely with the manager in charge of “security engineering and architecture”.
- Work closely with other security experts in RMIS.
5+ years’ experience in IT security. You must have a broad knowledge in all aspects of information security, from infrastructure to applications and be knowledgeable with security technology in cloud, mobile and IAM.
French Bilingual required
More detailed information:
- Strong knowledge in security architecture, covering IT infrastructure / application design & implementation:
o Security of cloud designs (IaaS, PaaS, API, CASB).
o Security of mobility solutions.
o Security of big data approaches and technologies.
o Web security principles: services architecture (SOA, micro services…), WAF.
- Technical knowledge in different domains:
o Network, operating system and middleware security,
o Security of Windows-based infrastructure from AD to the endpoint.
o Ability to design security solutions for:
▪ Cloud environment,
▪ Identity & access management: two-factor authentication, directory, SSO, access controls…
- Good knowledge of security standards (ISO 2700x, NIST, SANS, SABSA…).
- Mastering of English in professional environment (written, spoken).
- Willing to travel whenever necessary.
o Certification in the fields of security architecture, security engineering or cloud security strongly preferred (such as ISC2-ISSAP, ISC2-ISSEP, ISC2-CCSP, AWS Certified Security).
o Generalist Information Security certification (such as CISSP, CISM, GIAC-GSE) appreciated.
o Certifications from industry-leading vendors of network security solutions would be desirable but aren’t essential.
France PACA Provence-alpes-cote-dazur rhone-alpes grenoble aix cybersecurite cybersecurity sécurité-it it-security Consultant- Architect architecture cloud-security mobile-security IAM identity-access-maangement gestion-des-identités identités-numériques ad active-directory iaas paas api casb architecture design conception seucirty-design it-security design Cybersecurity-architecture IAM Identity-acess-management iot internet-of-the-things ISO 2700x ISO27001 ISO27002 ISO 27005 SANS NIST CISSP CISM GIAC-GSE ISC2-ISSAP ISSEP CCSP cloud-security cloud-architecture cloud cybersécurité Cybersecurity-consultant Cybersecurity-engineer ingénieur-cybersécurité SOC Sécurity-Operation-center GRC Gouvernance Risques Conformité Gouvernance Risk Compliance Technical-securité Security-policy Infosec Information-security Risk-management risk-manager risk-analysis compliance conformité iso2700k iso 27001 iso27002 iso27005 ebios mehari gap analysis pm project-management chef-de-projet program-management program-manager program-director international english iot electronics industry