IT Security Architect Porto

IT Security Architect
Porto
Porto, Porto District, Portugal

Senior Executive / Head of Public Sector at Prime
IT

We are looking for an IT Security Architect to be responsible for implementing the Group and Regional IT security policies within a geographical scope and on functional scopes.

The role will include the management of incident response, in coordination with the Regional stakeholders and the Group security team.

The perfect fit should assure the security, confidentiality, integrity, traceability and regulatory compliance of information systems and data within geographies and functional scopes.

Key responsibilities

• Support regional IT security policies and roadmap implementation
  • Implement the Group security policies & directives
  • Inform region and Group of the local context (Data Privacy, Regulation, …)
  • Raise awareness of management and users regarding IT security risks and on the security solutions and processes already in place
  • Communicate policies and procedures to relevant stakeholders to ensure its’ proper implementation
  • Coordinate / lead / support the deployment of Global / Regional security solutions
  • Report gaps with the policies and the Minimum Security Baseline (MSB)
• Assess IT security risks and exposure
  • Assess IT security of business projects to ensure appropriate consideration and application of security principles by architects and third parties,
  • Evaluate risks, threats, and potential impacts of IT requests
  • Contribute to the deployment of mitigation actions (technical, organizational, on contracts, with
    - insurers, …),
  • Assist in the assessment of business solution suppliers and support Legal team in drafting supplier contract,
  • Assist in the monitoring of implementation of internal and external audits recommendations and remediation plans, including the assistance of drafting of action plans,
  • Assist the deployment and adoption of Data Privacy initiatives and coordinate the implementation of IT-related controls to ensure compliance to local regulatory obligations
• Ensure operational protection of the Information Systems
  • Relay security communications and ensure appropriate actions are taken and report,
  • Participate in ensuring effective patching and vulnerability management (processes) working with infrastructure and applications teams,
  • Participate in the deployment of P. O. Cs. for solutions evaluated for Regional or Group, and act to reinforce the RFPs which will serve to evaluate vendors,
  • Assist in the designing and collecting of relevant KPI’s and dashboard regarding technical and organizational security aspects for regular review with senior IT stakeholders
• Manage security incident
  • Implement security incident response procedures in line with Group security directive
  • Qualify security incidents and coordinate response
  • Involve and escalation to the relevant stakeholders locally and at Group level
  • Lead post incident reviews for process improvements and track implementation of actions
• Actively contribute to the Global security community
  • Share experience with peers
  • Lead and support security architecture activities part of the Global and Regional security roadmaps

Qualifications

• At least 5 years’ experience in IT Security /
  - security domain
• At least 3 years’ experience in a similar role
• Ideally CISA, CISSP or ISO 27001 LI/LA certification

Seniority level

Associate

Employment type

Full-time

Job function

Information Technology

Industries

Technology, Information and Media and Computer and Network Security