Aufgaben
Within the IT Services Europe Team, we need to hire an Information Security Architect to cope with the exciting and challenging projects related to Security at Mercedes Benz in Europe.
Position Overview:
As a Mercedes-Benz Information Security Architect, you will be responsible for defining and supporting application security requirements throughout the project lifecycle, with a primary focus on performing Threat Modeling. Your role will involve executing ongoing security reviews, supporting project teams, and ensuring compliance with corporate security guidelines and regulatory requirements.
Key Responsibilities:
* Define application security requirements for design and support project teams throughout the project lifecycle.
* Conduct ongoing application security reviews of system design and functionality, providing suggestions at every project phase.
* Assist project teams in defining and periodically reviewing the security profile of each system/application.
* Propose mitigating measures when enhanced protection is lacking.
* Ensure that security risks are addressed by project teams and that technological, architectural, or design decisions comply with corporate security guidelines and policies.
* Ensure compliance with information security regulatory requirements.
* Implement security policies and procedures across all units and processes.
* Maintain constant vigilance over critical information assets.
Qualifications and Technical Knowledge:
* Extensive experience as a security architect, with a deep understanding of software technology and functionalities.
* Proficiency in cloud technologies, especially AWS.
* Knowledge of Identity and Access Management, including SSO, directory servers, and domains.
* Familiarity with SDLC and DevSecOps.
* Expertise in threat modeling and providing guidance on countermeasures and threat mitigation techniques.
* Ability to define and implement security requirements for system design and add security requirements to existing systems.
* Understanding of penetration testing and ethical hacking concepts, with the ability to analyze and address identified weaknesses.
Experience and Skills:
* A minimum of 5 years of professional experience in the security field, with extensive experience in large IT projects, application security assessments, and audits.
* Highly organized and disciplined.
* Customer-oriented with strong team collaboration skills.
* Effective communication skills with various stakeholders.
* Conflict resolution skills and the ability to mediate and create agreements in scenarios with differing interests.
* Proven architecture modeling skills and an understanding of infrastructure architecture standards.
* Fluent in written and spoken English (additional languages are desirable).
* Desirable certifications: CISSP, CSSLP, CCSP, AWS.
#J-18808-Ljbffr