De Heus

Overview of job

A. REPORT TO: Group Security Manager (CISO)

B. JOB PURPOSE:

• The IT/OT & Cloud Security Solutions Architect will play a pivotal role in designing, ensuring implementation, and verifying robust security solutions across our IT, OT, and Cloud environments. Additionally, this role will encompass responsibilities for OT security, ensuring secure integration and segregation between IT systems and OT environments. This position demands a deep understanding of cybersecurity principles, architectural frameworks, and best practices. Furthermore, the role will actively participate in security-related projects as a Subject Matter Expert (SME), providing specialized knowledge and guidance to ensure project success.

C. ACCOUNTABILITIES:

1. Define, Enforce, and Verify

• Develop and enforce standardized security standards and baselines across IT, OT, and Cloud environments.
• Ensure compliance with industry security standards and regulations.
• Ensure consistency in security practices through comprehensive documentation and adherence to established standards and baselines.
• Verify the implementation of security measures to ensure compliance with the defined standards and baselines by performing regular security assessments and audits.

2. Standardization

• Collaborate closely with the Cloud & Infra team, ensuring that security solutions are designed according to the established standards and baselines.
• Define security hardening measures for all IT, OT, and Cloud systems to mitigate vulnerabilities and reduce attack surfaces.
• Conduct regular security assessments and audits to ensure compliance with hardening guidelines.

3. Continuous Monitoring and SOC Integration

• Connect required log sources to the SOC for continuous monitoring.
• Ensure the proper application of SOC use cases to maintain situational awareness and proactive security posture.
• Perform firewall rule reviews and other security configurations to support advanced threat detection and mitigation.
• Provide periodic (and eventually realtime) operational outcome-driven security metrics, to be included in our security dashboard.

4. Segregation between IT & OT

• Design and implement network segmentation strategies to securely separate IT and OT environments.
• Ensure secure data exchange between IT and OT systems while preventing cyber threats from spreading across environments.

5. Security Architecture

• Develop a global security architecture and solutions that include IT, OT, and Cloud systems and solutions while ensuring efficient integration and operations in cooperation with the Cloud & Infra team.
• Lead efforts to standardize security practices across the organization, leveraging the latest technologies and methodologies.
• Stay up-to-date with the latest security systems, standards, authentication protocols, and products.

6. Subject Matter Expert (SME) in Security-Related Projects

• Participate in security-related projects as a Subject Matter Expert, providing specialized knowledge and guidance to ensure project success.
• Collaborate with cross-functional teams to define project requirements, objectives, and deliverables.
• Provide expertise in risk assessment, mitigation strategies, and security solutions design.
• Ensure that security measures are appropriately integrated into project plans and execution.

D. EXPECTED RESULTS:

• Standardized and compliant security measures are consistently defined, enforced, and verified across all IT, OT, and Cloud environments
• Security solutions are designed according to established standards and baselines, with effective hardening measures implemented across all systems
• All required log sources are integrated with the SOC, enabling proactive threat detection and the provision of actionable security metrics
• Secure network segmentation strategies are designed and implemented to prevent cyber threats from spreading between IT and OT environments.
• A global, integrated security architecture for IT, OT, and Cloud systems is developed, leveraging the latest technologies and ensuring efficient operations.
• Specialized security knowledge and guidance are provided to ensure successful project outcomes, risk mitigation, and integrated security measures

• Annual Health Check, Year End Party: once per year
• Company Trip, Team Building, Family Day: twice per year
• Health Insurance (Generali care 24/24 Insurance)
• Birthday Gift, Staff Gift
• Free parking batch