Security & Identity Management Architect

at  SITA Switzerland Sarl

EXPERIENCE::

• 3 years’ cyber security experience in a complex/enterprise IT environment.
• In-depth understanding of cloud security concepts and best practices across major cloud platforms.
• Knowledge and demonstrated application of key security principals to IT architecture:
• Defense in depth, Zero trust, Least privilege, Segregation of duties, etc.
• Extensive experience in designing and implementing security controls, policies, and procedures.
• Proven track record in identifying and mitigating security risks and vulnerabilities across different layers of the technology stack.
• CISSP, CISM or similar certification in security field.
• Excellent communication and presentation skills to facilitate workshops, stand-ups and Security review meetings with customer and/or stakeholders.
• Strong understanding of cloud-based architecture and hands-on development (Infrastructure as Cloud, CI/CD pipelines), cloud-based security controls (SASE, CSPM, CASB) and security automation (Ansible, Terraform).
• Experience in conducting security assessments, risk analysis, and threat modeling.
• Demonstrated ability to stay updated with the latest security trends, threats, and technologies.

ABOUT THE ROLE & TEAM:

As a Security & Identity Management Architect, you will play a critical role in infrastructure security strategy by designing, implementing, and maintaining secure DevOps practices and infrastructure to protect our organisation’s assets and data from cyber threats and vulnerabilities. You will collaborate closely with Engineering, Development, Operations, and security teams to ensure that security is integrated seamlessly throughout the software development lifecycle.

WHAT YOU WILL DO:

• Design and develop the architecture for identity and access management systems, including authentication, authorization, and user provisioning/de-provisioning processes.
• Develop and implement processes for managing the security lifecycle.
• To build deep knowledge of the of the Security product, including the services and tools provided. Based on this knowledge, able to propose enhancements, with sponsorship from the Product Owner.
• Implement controls and workflows for managing and monitoring privileged access to critical systems and resources, including privileged account management and session monitoring.
• Integrate identity and access management solutions with other security technologies such as SIEM (Security Information and Event Management), DLP (Data Loss Prevention), and IAM (Identity and Access Management) platforms to enhance overall security posture.
• Define and enforce access control policies based on business requirements, regulatory compliance, and industry best practices.
• Conduct risk assessments and security audits to identify vulnerabilities and weaknesses in identity and access management systems, and develop remediation plans to address security gaps.
• Dealing with the integration of 3rd parties, customer solutions, and internal stakeholders requirements.
• Act as a liaison point between the product development team and customer stakeholders.
• Show passion and professionalism to exceed client expectations with clear and regular communication. Keeping them informed of the updates on any changes or issues, and soliciting feedback.
  Qualifications: