Cloud Security Architect (H/F) - sodexo

§ Be part of BRS Global Security Teams. Working in close collaboration of Sodexo Group Security Architecture teams and BRS Architecture teams.

§ Provide technical guidance and advice as the Azure Security Subject Matter Expert on architecture, design and configuration to define secure, scalable and resilient cloud architecture

§ Define technical and functional security pre-requisites in main cloud projects, in line with IT and information security strategies, notably regarding digital identities and cloud integration

§ Assess security risks and define appropriate security measures and processes in main business projects to protect data and systems prior go-live and roll-out

§ Provide security support to regions and BU's (including Global teams) to migrate and/or deploy assets in Sodexo public cloud

§ Analyze business and IT requests impacting information and systems security in the Sodexo public cloud, and propose mitigating measures

§ Assess the security cloud services (IaaS, PaaS, SaaS) to validate their use for Sodexo and define the homologation conditions

§ Contribute in the definition of Sodexo security best practices, security governance and processes

§ Manage cloud security projects (identification and formalization of requirements, testing and selection of solutions, contract negotiation, pilot, implementation)

§ Develop an automated approach to Security Operations in the cloud

§ Support entities in deploying security solutions taking into account business requirements (internal business owners, clients, BU CIOs, group internal control, group internal audit, external auditors, ...)

§ Support onboarding of Regional 3rd parties to ensure Sodexo security standards are followed on design and implementation activities.

§ Act as a referent with Microsoft Azure on the Cloud Security topics

§ Bachelor's degree in Information Technology, Information System Security, Cybersecurity, or equivalent technical experience

§ 5+ years of experience in Information Security (consulting or in a technical IT department)

§ Proven experience with Microsoft Azure (AWS is a plus)

§ Holder of Microsoft Azure and/or cloud security certification(s): CCSK, CCSP, Microsoft AZ-300, AS-301, AZ500 certifications

§ Information Security Certification is a plus: ISO 27001, CISSP or CISM or other equivalent

§ Experience and knowledge in risk assessment methodologies (ISO27005, eBIOS, etc.)

§ Strong technical background (network, system, database, application), including Microsoft Azure experience (AWS is a plus)

§ Ability to write technical documents, which clearly describe design decisions, technical choices and implementations

§ Strong interpersonal and communication skills, ability to explain, convince, and interact with IT, business and third parties

§ Fluent in English (French & Spanish is a plus)