Beschreibung
For one of our clients we are looking for an IT Security Architect (m/f) for Endpoint Protection in Berlin:
Job description:
The IT Security Architect for Endpoint Protection assists in the concept, and high-level design of the security architecture and services for client systems in various working environments, like office, engineering, manufacturing floor, remote access, etc. In this role, he/she will support the Focus IS program by determining security requirements, evaluating risks and their potential mitigations, planning security controls, and proposing solutions for typical endpoint services like Anti-Malware, Secure Email Exchange, Secure File Exchange, User and System Certificate Management, Endpoint Encryption for selected data and/or whole devices, Network Admission, Remote Access, Content Filtering, HIDS and personal firewalls under the guidance of the IS Security Office. The IT Security Architect contributes to the development and maintenance of the work place security strategy, ensuring that concept and design of the appropriate security controls are aligned with IT security policies and standards and regulatory or contractual requirements (e.g. OSC, Privacy regulations).
Specific tasks:
1. Security Concept: Interprets information security policies, standards, and other requirements as they relate to endpoint systems. Evaluates requirements and identifies core IT security services for work places so that information on IT systems is appropriately protected from a wide variety of problems including unauthorized disclosure, unauthorized use, inappropriate modification, premature deletion, and unavailability (50%)
2. Security Services: Designs security services from requirements and best practices for both core IT Security processes (offered from a central data centre) as well as specific technologies in endpoint devices. Evaluate residual risks and identify mitigating controls in accordance with business impact and risk. (20%)
3. Security Processes: Design processes for security services and mitigating controls, including service level descriptions, KPIs and reporting on security effectiveness. (30%)
Skill requirements:
Expert in Information Security and Risk Management
Expert in Technical Security Controls (Access Control, Encryption)
Advanced in Application Security
Advanced in Business Continuity and Disaster Recovery Planning
English (fluent)
Softskills:
Teamwork and Communication
Problem solving
Drive for Results
Decision making