We are looking for Cybersecurity Architect for a Portugal opportunity (hybrid or remote).

Profile Description:

• Degree in IT Engineering, Computer Sciences, Maths or Physical sciences;
  
• Minimum 7 years’ experience in functions with a strong component in security architecture definition, cybersecurity controls definition and implementation, cybersecurity risk analysis, definition and implementation of processes and procedures in the area of cybersecurity;
• Proven conceptual knowledge of security in OT/ICS/IoT environments;
• Experience supporting and understanding industrial protocols such as OPC, Modbus, DNP3, an advantage;
• Full-stack knowledge of OT Security infrastructure on all technology layers;
• Experience with design of architecture based on Purdue Model;
• Experience on OT domain specific security solutions;
  Previous experience designing and architecting OT/ICS networks, architecting segmentations between business and OT/ICS networks, and designing secure access methods into OT/ICS production segments;
• Ability to communicate with OT/ICS business partners and provide direction on how OT/ICS networks should be securely designed and implemented;
• Provide direction on how 3rd parties can access and maintain ICS networks remotely;
• Experience with the following regulations, standards and frameworks: ISO 27001/2, IEC 62443, NIST SP 800-82;
• Good knowledge of information security domains;
• Industry recognized certifications (e.g. SABSA, CRISC, CISSP, GDSA, CSSA, GICSP) or training in cybersecurity and related fields;
• Fluent Portuguese and English speaker.

Position information:

• Security By Design Frameworks - Embed data security controls in the design phase of solutions and in IT/OT management processes. Produce blueprints, reference architectures, guidelines and policies detailing cybersecurity principles;
• Continuous Remediation - Design and promote initiatives to reduce or mitigate security risks, either from existing legacy solutions or raised with new ones, but also tackling new emerging and exploitable threats;
• Secure Business Enablers - Active advisory in RFPs, Technical Advisory Boards and Change Advisory Boards for new projects and initiatives;
• Follow up projects and initiatives planning and implementation to ensure security controls and best practices are feasible and deployed;
• Data & Privacy Committee to promote linked, understandable and consequent Cyber Security, supported in a comprehensive lifecycle of a cyber culture;
• Support GDPR, Cyber Risk and Cyber Security Assessments.