Global Security Architecture and Transformation Director (Freelance)

Company Description

Devoteam is a leading consulting firm focused on digital strategy, tech platforms, and cybersecurity.

By combining creativity, tech, and data insights, we empower our customers to transform their businesses and unlock the future.
With 25 years of experience and 8,000 employees across Europe and the Middle East, Devoteam promotes responsible tech for people and works to create better change.
Creative tech for Better Change

• Start ASAP
• Full remote
• Contract for one year

Job Description

The main objectives of the Global IT Security Transformation Office for the company are to:

• Ensure the IT security of the integrated assets, networks, systems, and any other technology solutions are matching the accepted security risk level of the company and/or TAG
• Support the company Group Head of IT Security, Risk, and Compliance in transforming the IT Security function as a result of the integration of the company  and meet the target of unified IT Security, Risk, and Compliance function
• Define a framework to enable the company integration from an IT security, risk, and compliance perspective by providing appropriate blueprints, directives, guidelines, and guidance to business and IT teams implementing the integration

Main Tasks & Responsibilities:

• Coordinate global efforts of IT security, risk, and compliance resources involved in integration to ensure the Global IT Security Transformation Office for the company  meet its objectives and alignment on design choices with stakeholders
• Coordinate IT security subject matter experts  (“IT Security Business Analysts”) to ensure consistency and adherence to Governance, Risk and Compliance framework, and standards
• Control the risk exposure, plus identify overlaps between local and global matters.
• Appreciate the risk of integration activities both in countries and globally, make adequate recommendations and follow-up action plans with IT and business as needed
• Provide IT security technologies and architecture advice and recommendation to integration teams to ensure risk is controlled
• Define any framework solution as needed to enable integration project teams to operate against a target model (i.e. propose solution blueprints for migrating servers into company  architecture solutions for public cloud, etc.

Qualifications

• 15+ years of security architecture expertise with a broad understanding of multiple security domains.
• At least 5 years of senior architect and leadership experience, preferably from a fortune 500 company
• • Security certifications such as CISSP, CISA, CRISC, SABSA, GIAC, CCSP, CCSK, or equivalent is preferred.
• Working knowledge of the following frameworks and regulations: ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, and FFIEC handbook, Cloud Security Alliance CCM. •
• In-depth knowledge of Risk Management frameworks and demonstrable knowledge of key Information Security standards (such as NIST, COBIT, RiskIT, ISO 17799, and ISO 27001)
• Proven knowledge and experience of Project Delivery Methodologies such as Prince 2, SCRUM and Agile.
• Positively influencing key decision makers/stakeholders of a large multi-faceted enterprise organization