Job Category: Information & Knowledge
Job Type: Regular
Type of Contract: Permanent
Working time: Full-time
Work schedule: Day shift
Solvay is a science company whose technologies bring benefits to many aspects of daily life. With more than 24,100 employees in 64 countries, Solvay bonds people, ideas and elements to reinvent progress. The Group seeks to create sustainable shared value for all, notably through its Solvay One Planet plan crafted around three pillars: protecting the climate, preserving resources and fostering better life. The Group’s innovative solutions contribute to safer, cleaner, and more sustainable products found in homes, food and consumer goods, planes, cars, batteries, smart devices, health care applications, water and air purification systems. Founded in 1863, Solvay today ranks among the world’s top three companies for the vast majority of its activities and delivered net sales of €10.2 billion in 2019. Solvay is listed on Euronext Brussels (SOLB) and Paris and in the United States, where its shares (SOLVY) are traded through a Level I ADR program.
Solvay Busines Services (SBS) is the global organization supporting internal and external growth by integrating the major end-to-end administrative processes as well as the information services of the Solvay Group, through three strategic objectives: strategic agility and customer centricity, service excellence and talents and innovation.
Job Overview and Responsibilities
The Security and Infrastructure Solution design specialist plays an integral role in assessing, defining, coordinating and implementing infrastructure related projects. He/she will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.
The Security and Infrastructure Solution design specialist will be responsible for the following activities and functions:
· Develop and maintain infrastructure security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations
· Designing the architecture of the infrastructures (on premise and in the cloud) in order to improve their security maturity and putting forward solutions that will guarantee a high level of availability, in collaboration with the other technical teams (network, datacenter, cloud, enterprise architecture …) and regional teams.
· Identifying and studying the technical innovations and ensuring a technology watch (tasks are but not limited to: product roadmap, evolution of Solvay service catalog, training and competencies transfer within the internal team and to partners).
· Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
· Review security technologies, tools and services, and make recommendations to the broader security team for their use, based on security, financial and operational metrics
· Evaluate new services, vendors, applications and security tools, among other items, from a technical perspective, and translate the risk characteristics of these activities and functions into enterprise risk terms.
· Plan security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; adhering to industry standards
The Security and Infrastructure Solution design specialist will be expected to work collaboratively with the following individuals or departments:
· Application owners
· IS Service Owners
· Security Operations Center team
· Information Risk and Security team
· Project management office (PMO)
· Partnership (Vendor) Management Team
Education and Experience
· University degree or equivalent by experience
· 3 to 8 years of experience with enterprise, infrastructure, or application security architecture, cloud architectures
· Strong working knowledge of managing security infrastructure — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs),Cloud (AWS or GCP) Security,CASB, DLP, Web Secure gateway, Remote Access, NAC, SIEM and log management technology
· Strong working knowledge of vulnerability management tools
· Full-stack knowledge of IT infrastructure:
· Operating systems — Windows, Unix and Linux
· IP networks — WAN and LAN
· Active Directory
· Lightweight Directory Access Protocol (LDAP)
· Backup networks and media
· Understanding and knowledge of Regulations, Standards and Frameworks
In addition to the above experience, the following skills and behaviors are required:
· Ability to identify and define security architecture components as new requirements arise
· Ability to define the complete security infrastructure environment, including cloud environment
· Ability to maintain current knowledge of all relevant security technology, operations, management developments and seek opportunities to deploy new technologies that benefit the business
· Ability to assemble and test security components
· Ability to provide technical leadership on client engagement, including serving as a resource to the project team and the client by evaluating and proposing technical alternatives for resolving business and technology issues
· Ability to create security architecture scope, definition, construction, and execution
· Communication skills — The enterprise security architect will be required to translate complex security-related matters into business terms that are readily understood by colleagues. The enterprise security architect should anticipate presenting analyses in person and in written formats.
· Adaptability - Demonstrates flexibility within a variety of changing situations, while working with individuals and groups.
· Business Acumen - Demonstrates an awareness of internal and external dynamics, and an acute perception of the dimensions of business issues
· Conceptual Thinking - Synthesizes facts, theories, trends, inferences, and key issues and/or themes in complex and variable situations.
· English spoken/written Nice-to-have:
· Knowledge of NIST, EAR and ITAR , GDPR and other regulations