Lead Security Engineer

Company Description

Who we are: 

Forsta is the new brand for the merged businesses of FocusVision and Confirmit & Dapresy, and is a full-spectrum, Customer Experience and Research Technology solutions provider, servicing professional client enterprises directly. Our technology allows our clients to gather, analyze and share data for Voice of the Customer Programs & Market Research. If you want to join an exciting growth brand, then we are your natural choice.

Our Legal and GRC (Governance, Risk management and Compliance) department keeps us all out of trouble. This highly educated and astute group possesses lot of knowledge about how we work, how we sell, and about laws and regulations in the countries we operate in. They play critical roles in reviewing, negotiating and drafting contracts and agreements. Basically, they ensure we operate professionally, legally, and ethically with respect to everything we do.

Job Description

A security architect creates and designs security for a system or service, maintains security documentation, and develops architecture patterns and security approaches to new technologies. At this level, you will:

• recommend security controls and identify solutions that support a business objective
• provide specialist advice and recommend approaches across teams and various stakeholders
• inspire and influence others to execute security principles
• advise on important security-related technologies and assess the risk associated with proposed changes
• help review other people’s work
• research and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate design decisions
• develop vision, principles, and strategy for one project or technology
• understand the impact of decisions, balancing requirements and deciding between approaches
• produce particular patterns and support quality assurance
• be the point of escalation for security advice and guidance
• lead the technical security aspects of the design of systems and services

Qualifications

Technical Skills 

• Analysis. You can monitor the analysis of a technical solution and ensure alignment to applicable legislation, regulation, an industry-specific requirements.  Ensuring analysis is re-used for similar problem sets. 
• Communication skills. You have a deep understanding and can apply security concepts to a technical level. You can effectively translate and accurately communicate security and risk implications across technical and non-technical stakeholders. You can respond to challenges. You can manage stakeholders’ expectations and be flexible, adapting to stakeholders’ reactions to reach a consensus. 
• Design secure systems. You can design and review system architectures through the development of patterns and principles. 
• Enabling and informing risk-based decisions. You can work with higher impact or more complex risks. You can advise on the impact of these and whether this is within risk tolerance. You can apply different risk methodologies in proportion to the risk in question. 
• Research and innovation. You can contribute to and inform developments on security properties in technology. You can identify new technologies and design the use of these in the business context across the organisation. You can engage with the broader security community. 
• Specific security technology and understanding. You have strong knowledge of system architectures. You can understand and articulate the impact of vulnerabilities on existing and future designs, systems and how easy or difficult it will be to exploit these vulnerabilities. You are recognised as an expert by peers in the broader security industry. 
• Bachelor’s degree in IT Security or related vocational qualification i.e., CISSP-ISSAP, CRTSA, CNDA, GDSA or CSSA. 
• Demonstrable experience in a security architecture role or progression from a Lead/Principal Security Engineer role
• Previously worked as a lead security engineer or architect at a SaaS provider 
• Knowledge of at least two of the following key standards; SOC2, ISO 
• 27001, HITRUST and NIST 800-53 (FedRAMP) 

What you bring to the team 

• Team-oriented attitude with the ability to effectively negotiate and build consensus with various audiences during contracting activities, leveraging team members in the US and in Europe. 
• High attention to detail 
• Fluency in English 
• Must be capable of handling multiple assignments concurrently and possess excellent time management and organizational skills 
• Preference / experience of working in a fast-paced commercial environment 

Additional Information

What we offer:

Forsta is a great place to advance your career, and we have an amazing culture. To those of us who already work here, Forsta is more than “just another job”. We work hard, but Forsta is an employer that provides ample opportunities to learn, grow, and express creativity. The management team has an open-door policy and encourages collaboration at every point in every process. Our team members are much more than just co-workers – we’re all friends working toward a common goal.

• Opportunity to work in a fast-paced, market leading SaaS company, with colleagues and customers from all over the world and an experienced executive leadership team
• Exciting challenges in an international environment
• Competitive salary and regular performance reviews
• Flexible location and working environment – possibility to work from home
• Benefits like generous vacation days, employee referral bonuses, Employee Support Program, Internal Mobility program, etc.
• and many more…

Interested in joining a great team?

If you have the qualifications listed above and want to join a great team, apply now!

A copy of our privacy policy can be found here: https://www.forsta.com/privacy.html 

Our privacy policy can be found here: https://www.forsta.com.privacy.html