Senior Security Architect

About the role:

In your role, you will

Develop practical and versatile security requirements, architecture blueprints, and processes for the application and solution landscape in our public cloud environment

Review, advise on, and approve security concepts for a variety of digital solutions across Swiss Res IT landscape

Build and maintain relationships with key decision makers inside Swiss Res architecture teams, driving long-term cloud adoption within their core and functional IT departments

Ensure the business domain architecture is aligned with group security requirements, and feedback domain-specific requirements into the Security Team

Oversee and assure security requirements are set and implemented during application development and adhered to during the application life cycle

Advance technical and organisational security competences and adapt to emerging security trends (leading proof of concepts, for instance)

Be someone who believes in continuous innovation, is curious and relentless in finding a better way every day

About the team: The Security Team is the focal point for all security activities across Swiss Re. We are responsible for cybersecurity engineering and operations, governance, risk and compliance. We define and advance the companys security strategy. As a part of the Security Team, the Security Advisors Centre of Expertise shapes the security of Swiss Res application landscape and is the unit of choice for security-related advice on any IT project in the company. Were looking for a senior expert who is familiar with security concepts and architectures.

About you:

Your qualifications

Nobody is perfect and meets 100% of our requirements. If you, however, meet some of the criteria below and are curious about the world security architecture in a well-established cybersecurity team, well be more than happy to meet you!

What we need from you

• Passion, drive, and a belief in the value of proper security architecture as an enabler of business performance
• Significant knowledge of major cybersecurity concepts, technologies, and standard methods as well as willingness to dive into new areas
• Can-do attitude with proactive approach toward challenges, producing tangible results
• Deep expertise within several of the following cybersecurity areas:

Cloud security architecture and patterns Cloud-native development and cloud-native security controls

Automated security processes on cloud platforms

Cyber threats and mitigations on cloud platforms and serviced deployment models

Security frameworks like CIS Benchmark and Mitre ATT&CK

Microsoft Workplace and Office products in enterprise-grade configurations

• Familiarity with the implications of security standards in regulated environments
• Solid grasp of existing application and service development
• Familiarity with agile application development processes and the security challenges that come with it
• Feeling comfortable with leading through sophisticated conversations across multiple partners in a consulting and mediating way
• Ability to communicate in a clear, empathetic, and solution-focused manner and to independently create appropriate documentation
• Excellent communication skills - fluency in English, both spoken and written

Nice-to-have: Microsoft, CISSP, CCSP, SANS GIAC or similar qualifications