Strategic Security Architect & Framework Designer
Job Overview
Budget: $3,500.00
Level: Senior
Location: Not specified
Job Posted: 09 Aug, 2025
Category: Cybersecurity
Project & Company Context
Our company is at a critical juncture of growth, with a complex and expanding IT footprint that includes on-premise, cloud (AWS/GCP), and hybrid components. While we have implemented various point-solutions for security over the years, we currently lack a unified, defensible security architecture. This reactive approach has resulted in security gaps, fragmented policy enforcement, and an inefficient incident response process. We are a highly committed organization dedicated to rectifying these issues strategically and proactively. We are seeking an expert Security Architect to not just find vulnerabilities, but to design a comprehensive, long-term, and scalable security framework that will protect our assets and build lasting customer trust.
Scope of Work & Deliverables
Phase 1: Comprehensive Security Assessment (20% of Project)
Task: Conduct a deep‑dive analysis of our entire IT infrastructure, including network segmentation, cloud configurations (IAM, VPC), and existing security controls.
Deliverable: A detailed "As‑Is" Security Posture Report, identifying all vulnerabilities, misconfigurations, and policy gaps. This report must include a risk matrix with clear prioritisation (High, Medium, Low) and evidence for each finding.
Phase 2: Security Architecture Design & Blueprint (40% of Project)
Task: Based on the assessment, design a new, unified security architecture. This blueprint must be scalable and aligned with industry standards (e.g., NIST Cybersecurity Framework, Zero Trust principles). The architecture should cover network, cloud, application, and data security.
Deliverable: A comprehensive "To‑Be" Security Architecture Blueprint, including diagrams, a technical narrative, and a detailed list of recommended security controls, tools, and policies.
Phase 3: Implementation Roadmap & Handoff (30% of Project)
Task: Create a detailed, phased implementation roadmap. This is a crucial step for our internal team to follow. The roadmap must include timelines, resource allocation suggestions, and clear action items for each security initiative.
Deliverable: A "Security Implementation Roadmap" document and a handover session with our internal IT team, providing guidance and answering technical questions.
Phase 4: Post‑Project Support & Validation (10% of Project)
Task: Provide a period of support to ensure the successful initiation of the roadmap.
Deliverable: A post‑project support plan for the first 14 days, including a final review to validate that the implementation roadmap is sound and all questions are resolved.
Key Performance Indicators (KPIs) & Success Criteria
Completeness: The "As‑Is" report accurately reflects our security posture, and the "To‑Be" blueprint is comprehensive and actionable.
Strategic Alignment: The proposed architecture aligns with our business goals and future growth plans.
Clarity: All deliverables, especially the implementation roadmap, are clear, concise, and easily understood by our technical team.
Revision: The freelancer must be prepared for up to two rounds of revisions on the architecture blueprint to meet our precise needs.
Required Qualifications & Experience
Core Expertise:
Proven experience as a Security Architect, with a strong portfolio of designing and implementing security frameworks.
In‑depth knowledge of security standards (NIST, ISO 27001) and regulatory compliance (GDPR, SOC 2).
Expertise in both on‑premise and multi‑cloud security (AWS, GCP) including IAM, VPC, and encryption best practices.
Proficiency in security tools and technologies (e.g., SIEM, EDR, Firewall management).
A structured and methodical approach to problem‑solving.
Exceptional communication and presentation skills to convey complex ideas clearly.
Strong documentation abilities to create a lasting and useful resource for our company.
Duration: The total project is expected to be completed within 60 days.
Revisions: Includes up to 2 revisions of the main architecture blueprint.
Application Instructions
A cover letter outlining your experience in security architecture and why you are the right fit for this project.
A case study or portfolio demonstrating a similar project you have successfully completed.
Skills
Security architecture governance
IT strategy and planning
Cybersecurity controls and technologies
#J-18808-Ljbffr