ZERO TRUST ARCHITECT

General info:

• Location: remote

• Contract: B2B

• Rate: we’re open to your suggestions

• Industry: Pharmo

• Long-term cooperation

Zero Trust Architect role involves the development of a comprehensive Zero Trust control framework aligned with established security standards. The consultant will design and document governance artifacts, ensuring robust policy enforcement for identity, application, and data security. Key skills include extensive experience with OWASP ASVS, ISO 27002:2022, and application-level Zero Trust architecture.

Main Responsibilities

• Design and document the Zero Trust Control Framework.

• Create a formal Zero Trust BSS standard incorporating OWASP ASVS and ISO 27002:2022.

• Develop a Zero Trust Reference Architecture outlining policy decision and enforcement point details.

• Produce a Golden Path guide for engineering teams to facilitate application onboarding to Zero Trust.

• Produce governance-quality Zero Trust documents within Bayer's BAFS framework.

Key Requirements

• Proven experience in Zero Trust framework design.

• Expertise in Policy Decision Point (PDP) and Policy Enforcement Point (PEP) architecture.

• Hands-on application of OWASP ASVS in defining security requirements.

• Proficient in mapping Zero Trust requirements to ISO 27002:2022 controls.

• Experience with Identity & Access Management in a Zero Trust context.

• Demonstrated ability in authoring formal security standards that align with enterprise governance.

• Capability in structured mapping of Zero Trust requirements to existing countermeasures.

• Knowledge of application-level Zero Trust principles, including micro-segmentation and service mesh technologies.

• Experience in developing Zero Trust reference architecture documentation.

Nice to Have

• Knowledge of DevSecOps principles in the context of Zero Trust.

• Understanding of Cloud IAM in Zero Trust environments.