Digital Security Expert
During the project lifecycle, you are responsible for performing the following activities :
- Understand the business & IT context and guide the project stakeholders in classifying key data and system assets.
- Identify Digital Security Risks through the review of the architecture and through threat modelling. In some cases a logical & conceptual architecture will need to be made by yourself in order to be able to perform a Digital Security Risk review.
- Advise IT asset – and Business Owner stakeholders on the Digital Security Risk posture and the possible remediations
- Propose a set of Security Controls and requirements
- Design the Security Controls and provide guidance to the IT Project stakeholders for the design and building. Strive for standardization and a maximum reuse of existing security services.
- Assist in defining the security requirements for a sourcing track and assist in the Digital Security evaluation .
- Define the Digital Security Test plan by formalizing the threat & test cases to verify systems are securely built as designed.
Together with the CDSO, the enterprise security architect, the other ‘Digital Security Capability Managers , you will work with architects (enterprise- & solution-), engineers, security officers and service owners and – managers throughout the global organization to ensure that Digital Security is embedded in the different projects.