1. Main page
    2. /
  2. IT/Programming
    3. /
  3. Information Security Management System
    4. /
  4. Cybersecurity Architect

Cybersecurity Architect

Permanent work
Information Security Management System

A large pharmaceutical company is looking for a specialist - Cybersecurity Architect to work on implementing cybersecurity transformation projects.


Responsibilities:

  • Implementing projects to transform the company's cybersecurity in line with its business and cyber security strategy.
  • Formation of architectural principles, standardized architectural solutions, standard cybersecurity requirements.
  • Supporting IT project teams on the implementation of Information Security requirements and monitoring their implementation;
  • Initiative hardening of infrastructure and services.
  • Participation in the change management process in the role of an Information Security expert and formation of cybersecurity requirements for the information systems being created and modernized.
  • Participation in acceptance testing of implemented IT solutions.
  • Analyzing new IT technologies and determining conditions for their secure application;
  • Forming design and other technical documentation for cybersecurity systems.


Requirements:

  • Higher specialized education (or higher education in IT).
  • Experience in the role of Information Security Architect.
  • Understanding of modern enterprise-level information technologies (virtualization, containerization, databases, networking protocols, cryptographic protocols, APIs, corporate infrastructure services, enterprise, mobile and web applications, etc.), their vulnerabilities, attack methods and protection methods;
  • Knowledge and experience in the application of key cybersecurity standards and best practices (ISO27002, NIST, CIS, etc.);
  • Knowledge of current IS threats and measures to minimize them, including knowledge of overhead protection tools;
  • Understanding of the principles of basic infrastructure services (AD, DNS, DHCP, etc.).
  • Experience in applying built-in security mechanisms at the OS level (Windows, Linux), DBMS (MS SQL, PostgresPRO);
  • Strong knowledge of the principles of data networks, basic stacks of network protocols and technologies for their protection.
  • Experience in Information Security acceptance testing, Information Security audits;


Will be a plus:

  • Experience of working with Office365 in a security administrator role.
  • Experience in securing industrial systems.
  • Experience in cybersecurity of infrastructure and services leased from Russian cloud providers.
  • English at Intermediate level and above.
  • Knowledge of guiding documentation of Russian regulators in the field of Information Security.