Verisure is a global leading provider of professionally monitored security solutions. We are an international company with a start-up mindset, fast, agile, and lean, high performance and value driven. The Verisure Group creates services and products for smarter, safer, and more secure homes and small businesses, serving customers throughout 18 countries.
The Verisure Information Security team is currently seeking a talented, innovative, and passionate Security Architect to work within our Global Security Architecture & Engineering (SAE) team - supporting our growing operations on a group-wide basis. The SAE team creates the security roadmap and strategic view for Verisure Group, and defines and standardizes the security controls, tools and their configurations, alongside the security architectures and designs that developers and engineers must follow.
Reporting to the Group Head of Security Architecture & Engineering, this position will be a key member of the Information Security team with a critical responsibility to ensure that Verisure delivers secure IoT devices and services to our stakeholders. The team mission is highly relevant, as it covers both the thinking and the hands-on needed to create large-scale and long-term impact.
The role can be based in Malmo (Sweden), Madrid (Spain) or Amsterdam (The Netherlands), and works across country borders. Some travel between these main locations is expected from time to time, although the SAE team is already spread across several countries and works predominantly as a virtual team.
Main Responsibilities: Security Reference Architecture: create, maintain and communicate the security reference architecture framework of global applicability across all businesses and geographies in Verisure.
Security Architecture Reviews: evaluate and determine the resilience and suitability of technical designs to mitigate relevant cyber threats.
Security Leadership & Management: plan, manage, and deliver the security architecture to internal clients, supporting the development of the security architecture practice.
Security transformation: work on large-scale transformation programs and enhance the capacity of these programs to assess and design cybersecurity.
Communication & Influencing: cooperate with key stakeholders to influence their decision making.
What you bring: To be successful in this role, you need to be a strong technical security professional with a passion for problem-solving alongside a demonstrable track record working in multicultural and global organisations under agile practices. Along with this, you need to have significant personal drive and an analytical mindset, with the ability to anticipate risks and creatively resolve bottlenecks proactively.
You must be accustomed to collaborating with IT and business areas, being able to accommodate and adapt best practices to business reality and technology constraints. You are detailed-oriented but pragmatic, proposing solutions to complex problems under tight deadlines. You are hands-on but also believe that solid documentation is equally important. You embrace change and feel comfortable in fast-paced customer-obsessed companies.
You are hardly able to describe yourself as a security architect or an engineer, because in reality you do both: you feel comfortable working and discussing in a conceptual plane as well as getting your hands dirty trying out new products and features and building capabilities.
You bring strong experience in Software Engineering as you will be discussing technical details with Solution Architects, Lead Programmers, and other Dev roles.
Required Experience: +5 years of experience in cybersecurity, of which +3 years as security architect.
Good working knowledge of current IT risks and experience implementing security solutions.
Good knowledge of the security landscape, market and key vendors.
Experience delivering secure designs – able to design and review system architectures:
Client-Server architecture and distributed systems architecture
Event-driven, APIs and Web architectures
Integration architecture patterns
Microservices, containers and serverless
Secure Development Lifecycle
Security Protocols and Cryptography
Authentication & Authorization
Software Engineering background and experience
Knowledge and experience with automation and orchestration tools (e.g. Terraform, Ansible).
Coding / scripting experience. Passion for security-as-code approaches.
Experience with major Public Cloud providers and hybrid environments (Cloud + On-prem).
Experience writing security guidelines and standards, and working with architectural frameworks.
Experience working async in a geo-distributed team with different methods: Kanban, Scrum, etc.
Working with Infosec teams and Business Product Owners to achieve alignment between InfoSec and Business change objectives.
Strong communication skills to gather requirements, discuss architectural designs and agree on key decisions with InfoSec and Business stakeholders.
Fluent in English.
Desired Experience: Experience with Azure and AWS (IaaS, PaaS).
Experience designing Threat Models. Knowledge of MITRE ATT&CK.
Experience with UML, C4-model or any other convention or tool to document architecture designs.
Fluent in Spanish.
We believe that we make a difference every day. To do that, we need committed and engaged employees. Our people are accountable for delivering world-class service and they are passionate about making the world a safer and more secure place.
Our teams operate with integrity and respect for one another fueled by an entrepreneurial spirit. We are building a high-performance organization through investing in our people, we offer a great opportunity to personal development with an environment characterized by humbleness and knowledge sharing and to enhance the on the job training we have a training budget to ensure personal growth.
We are looking forward to your application!
#J-18808-Ljbffr
