Cyber Security Architect

Job Description:

The Cyber Security Architect will work closely with the solution architects and enterprise architects to improve and maintain the cyber security of NAVBLUE’S products, services and infrastructure. The ideal candidate will play a critical role in designing and implementing cybersecurity frameworks to align with the business objectives and mitigate potential threats.

Main Responsibilities: 

• Perform Security Risk and Threat analysis during the initial design and the Software Development Life Cycle planning, analysis, and design phases. Providing recommendations and requirements for mitigating any security weaknesses identified while defining Non-Functional Requirements in coordination with Solutions Architects.

• Ensure Security by Design is embedded within the Software Development Life Cycle, while ensuring that all security requirements have been applied before product or function release.

• Analyse and interpret security scan results and vulnerability reports to develop prioritized remediation strategies, working closely with IT, Development and Hosting teams to address vulnerabilities effectively

• Engineer and implement security controls based on industry standards while continuously evaluating and enhancing our security infrastructure

• Collaborate with IT, DevOps and SecOps teams to architect, configure and implement security monitoring and defense tools (is. SIEM, IDS/IPS, ASM, WAF) to safeguard against security breaches, cyber threats and unauthorized access

• Report on and assist with all security events and incidents.

• Oversee Security testing, including penetration testing and vulnerability scanning

• Ensure products compliance with security standards and regulations

• Ensure NAVBLUE Security strategy deployment within technical operations

• Ensure effective synchronization and alignment with Airbus Security Organization

Education:

• Bachelor’s degree in  technical discipline

• Training and education in cyber security principles

Experience: 

• 5+ years of Security Architecture/Engineering, and/or Network architecture, and/or Security Operations and/or Experience in software development; software architecture an asset.

Licensure/Certifications:

• Industry certification (i.e. AWS CSA, ISC2  ISSAP, SABSA SCF or similar)

Knowledge, Skills, Demonstrated Capabilities & Competencies:

• Familiarity with various security certifications such as ISO2700, NIST, etc., sufficient to provide immediate leadership and guidance to individuals, teams and departments in meeting the organization’s security requirements

• Excellent management, analytical and problem-resolution skills

• Working knowledge of the SDLC and AWS network architecture

• Knowledge of the SAFe Agile method would be an asset        

• Understanding of security testing in the software pipeline (SAST, DAST, SCA, RASP)

• Knowledge of STRIDE, DICE and other threat and risk frameworks

• Knowledge of AWS tools

• Proven experience managing multiple projects simultaneously

• Practical interpersonal skills; adaptable to all levels of the organization

• Ability to contribute in a collaborative environment

Communication Skills (Spoken, Written, Influencing, Proficiency in Other Languages):

• Capable of influencing individuals at all levels of the organization to drive and implement change while identifying and minimizing the impact of risks

• Excellent communication skills in English (both written & verbal), including staff presentations

Technical Systems Proficiency:

• Incident Management Systems

• Security Management Tools (email filtering, vulnerability scanning tools, security dashboards, etc.)

• Cloud security management tools like CNAPP, CSPM, CWPP, and CIEM. 

• Security risk assessment methodology (EBIOS RM)

• Security Requirement Definition and Review

Travel Required: 

• 10-15% Domestic and International

This job requires an awareness of any potential compliance risks and a commitment to act with integrity, as the foundation for the Company’s success, reputation and sustainable growth.

Company:

NAVBLUE, Inc.

Employment Type:

Permanent

-------

Experience Level:

Professional

Job Family:

Cyber Security

By submitting your CV or application you are consenting to Airbus using and storing information about you for monitoring purposes relating to your application or future employment. This information will only be used by Airbus.
Airbus is committed to achieving workforce diversity and creating an inclusive working environment. We welcome all applications irrespective of social and cultural background, age, gender, disability, sexual orientation or religious belief.

Airbus is, and always has been, committed to equal opportunities for all. As such, we will never ask for any type of monetary exchange in the frame of a recruitment process. Any impersonation of Airbus to do so should be reported to emsom@airbus.com.

At Airbus, we support you to work, connect and collaborate more easily and flexibly. Wherever possible, we foster flexible working arrangements to stimulate innovative thinking.