• Develop and document supply chain risks for critical system elements, as appropriate;
• Provide enterprise information security and supply chain risk management guidance for development of the Continuity of Operations Plans;
• Develops, modifies, enhances, and sustains new or existing computer applications, software, or utility programs following software security best practices throughout the software lifecycle;
• Develops technical security solutions to meet the defined requirements;
• Analyze corporate needs and requirements to plan system architecture;
• Collaborate with system developers to select appropriate secure design solutions or ensure the compatibility of system components with Corporate security strategy.
• Design system architecture or system components required to meet business needs;
• Develop information security designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data;
• Document and address organization's information security, information security architecture, and systems security engineering requirements throughout the acquisition lifecycle;
• Identify and prioritize critical business functions in collaboration with organizational stakeholders;
• Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
• Knowledge of cryptography and cryptographic key management concepts;
• Knowledge of human-computer interaction principles.
• Knowledge of industry-standard and organizationally accepted analysis principles and methods;
• Knowledge of information theory, including source coding, channel coding, algorithm complexity theory, and data compression;
• Knowledge of information technology (IT) architectural concepts and frameworks;
• Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]);
• Knowledge of key concepts in security management (e.g., Release Management, Patch Management);
• Knowledge of systems testing and evaluation methods.
• Knowledge of key telecommunication concepts (e.g., Routing Algorithms, Fiber Optics Systems Link Budgeting, Add/Drop Multiplexers);
• Knowledge of the systems engineering process;
• Skill in applying and incorporating information technologies into proposed solutions;
• Skill in designing the integration of hardware and software solutions;
• Skill in design modeling and building use cases (e.g., unified modeling language);
• Knowledge of the methods, standards, and approaches for describing, analyzing, and documenting an organization's enterprise information technology (IT) architecture (e.g., Open Group Architecture Framework [TOGAF], Department of Defense Architecture Framework [DODAF], Federal Enterprise Architecture Framework [FEAF]);
• Knowledge of Personally Identifiable Information (PII) data security standards;
• Knowledge of information technology (IT) supply chain security and risk management policies, requirements, and procedures;
• Knowledge of network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth);
• Knowledge of network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools;
• International certifications in Information Security such as CRTSA, CNDA, GDSA, CİSSP- İSSAP are desirable;
• Fluent Azeri and English language skills.