Security Architect Security Auditor for NATO with security clearance

La Spezia - Italy

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

Would you like to join the leading international intergovernmental organization

The Centre for Maritime Research and Experimentation (CMRE) is an established world-class scientific research and experimentation facility that organizes and conducts scientific research and technology development centred on the maritime domain. It delivers innovative and field-tested science and technology (S&T) solutions to address defence and security needs of the Alliance.

Responsibilities:

Implement and operate security controls within accreditation frameworks for enterprise systems networks and critical infrastructure including autonomous vehicles and data acquisition
Manage and maintain communication and information systems including network devices firewalls and virtualized security environments
Conduct security testing breach analysis and root cause investigations to identify vulnerabilities and implement remediation strategies
Monitor analyse and respond to security alerts and incidents using advanced threat detection tools while maintaining comprehensive incident documentation and reporting
Perform vulnerability assessments penetration testing and security evaluations to identify and address weaknesses across IT infrastructure
Deliver security awareness training to staff and ensure ongoing compliance with regulatory requirements and organizational security policies
Design develop and maintain security architectures for enterprise cloud and hybrid environments incorporating threat modelling and risk management principles
Assess and ensure compliance with security frameworks conduct audits document findings and drive continuous improvement initiatives
Provide strategic guidance on emerging technologies risk mitigation strategies and alignment of security controls with business objectives
Work with software development teams to ensure secure software development lifecycle in employed and create guidelines and material to document the security aspects
Audit source code to ensure compliance with security frameworks document findings and work with developer to increase the security posture of the code
Conduct penetration test and vulnerability scanning adapting/defining frameworks and processes to ensure software application are secure across the whole life cycle

Essential Qualifications & Experience:

A minimum requirement of a bachelors degree at a nationally recognised/certified University in an information systems physics or electronics related scientific or engineering discipline
A minimum of 3 years of experience in design develop and maintain robust security architectures for IT systems networks and applications.
Deep knowledge of networking cloud and application security architectures
Extensive background in defining security principles technical requirements and preventative controls for enterprise cloud and hybrid environments.
Extensive background in planning executing and leading security audits across systems applications and networks.
Extensive background in assessing compliance with NATO Enterprise security policies ISO/IEC 27001 NIST and other regulatory frameworks.
Extensive background in supporting development and enforcement of organization-wide security policies standards and procedures.
Ethical mind-set with commitment to privacy compliance and IT governance.
Deep understanding of cybersecurity frameworks including ISO/IEC 27001 NIST SP-800 series GDPR and industry-specific regulatory requirements with ability to translate standards into practical security controls
Industry-recognized security certifications such as CISSP CISM CRISC CISA CompTIA Security or equivalent credentials demonstrating commitment to professional development
Professional hands-on expertise with enterprise security tools including firewalls intrusion detection and prevention systems security information and event management (SIEM) platforms and identity and access management solutions
Strong capability to analyze security breaches identify root causes assess complex vulnerabilities and develop effective remediation strategies based on technical evidence and threat intelligence
Excellent ability to document technical security architecture produce comprehensive reports write Standard Operating Procedures communicate risk to stakeholders at all levels and work effectively across multidisciplinary teams
Good level of spoken and written English

If youve read the description and feel this role is a great match wed love to hear from you! Click Apply for this job to be directed to a brief questionnaire. It should only take a few moments to complete and well be in touch promptly if your experience aligns with our needs.

Would you like to join the leading international intergovernmental organizationThe Centre for Maritime Research and Experimentation (CMRE) is an established world-class scientific research and experimentation facility that organizes and conducts scientific research and technology development centred...

Responsibilities:

Implement and operate security controls within accreditation frameworks for enterprise systems networks and critical infrastructure including autonomous vehicles and data acquisition
Manage and maintain communication and information systems including network devices firewalls and virtualized security environments
Conduct security testing breach analysis and root cause investigations to identify vulnerabilities and implement remediation strategies
Monitor analyse and respond to security alerts and incidents using advanced threat detection tools while maintaining comprehensive incident documentation and reporting
Perform vulnerability assessments penetration testing and security evaluations to identify and address weaknesses across IT infrastructure
Deliver security awareness training to staff and ensure ongoing compliance with regulatory requirements and organizational security policies
Design develop and maintain security architectures for enterprise cloud and hybrid environments incorporating threat modelling and risk management principles
Assess and ensure compliance with security frameworks conduct audits document findings and drive continuous improvement initiatives
Provide strategic guidance on emerging technologies risk mitigation strategies and alignment of security controls with business objectives
Work with software development teams to ensure secure software development lifecycle in employed and create guidelines and material to document the security aspects
Audit source code to ensure compliance with security frameworks document findings and work with developer to increase the security posture of the code
Conduct penetration test and vulnerability scanning adapting/defining frameworks and processes to ensure software application are secure across the whole life cycle

Essential Qualifications & Experience:

A minimum requirement of a bachelors degree at a nationally recognised/certified University in an information systems physics or electronics related scientific or engineering discipline
A minimum of 3 years of experience in design develop and maintain robust security architectures for IT systems networks and applications.
Deep knowledge of networking cloud and application security architectures
Extensive background in defining security principles technical requirements and preventative controls for enterprise cloud and hybrid environments.
Extensive background in planning executing and leading security audits across systems applications and networks.
Extensive background in assessing compliance with NATO Enterprise security policies ISO/IEC 27001 NIST and other regulatory frameworks.
Extensive background in supporting development and enforcement of organization-wide security policies standards and procedures.
Ethical mind-set with commitment to privacy compliance and IT governance.
Deep understanding of cybersecurity frameworks including ISO/IEC 27001 NIST SP-800 series GDPR and industry-specific regulatory requirements with ability to translate standards into practical security controls
Industry-recognized security certifications such as CISSP CISM CRISC CISA CompTIA Security or equivalent credentials demonstrating commitment to professional development
Professional hands-on expertise with enterprise security tools including firewalls intrusion detection and prevention systems security information and event management (SIEM) platforms and identity and access management solutions
Strong capability to analyze security breaches identify root causes assess complex vulnerabilities and develop effective remediation strategies based on technical evidence and threat intelligence
Excellent ability to document technical security architecture produce comprehensive reports write Standard Operating Procedures communicate risk to stakeholders at all levels and work effectively across multidisciplinary teams
Good level of spoken and written English