Duties and Responsibilities:
- Develop and maintain a comprehensive zero-trust security architecture, including identity, device, application, and network layers.
- Design security frameworks and access policies that enforce least privilege and continuous authentication across systems.
- Collaborate with IT, DevOps, and compliance teams to implement zero-trust strategies across cloud, on-premises, and hybrid environments.
- Define and apply micro-segmentation, endpoint verification, and network access control to prevent lateral movement.
- Evaluate and integrate identity and access management (IAM), multi-factor authentication (MFA), and behavior analytics tools.
- Conduct risk assessments, threat modeling, and architecture reviews to ensure compliance with industry standards and regulations.
- Document security architectures, policies, and implementation roadmaps.
Requirements and Qualifications:
- Bachelor’s or Master’s degree in Cybersecurity, Information Systems, Computer Science, or a related field.
- Proven experience designing and implementing zero-trust architectures within enterprise environments.
- Deep understanding of identity management, authentication protocols (e.g., SAML, OAuth, OpenID Connect), and access control models.
- Experience with cloud platforms (e.g., AWS, Azure, Google Cloud) and security tools (e.g., Zscaler, Okta, Palo Alto, CrowdStrike).
- Strong knowledge of NIST SP 800-207 and other zero-trust reference models.
- Excellent problem-solving skills and the ability to communicate technical concepts to non-technical stakeholders.
- Relevant certifications such as CISSP, CCSP, or Zero Trust Strategist (ZTS) are a plus.