ZERO TRUST ARCHITECT

The role is within the pharmaceutical industry and involves long-term cooperation focused on Zero Trust security architecture.

• Proven experience in Zero Trust framework design.
• Expertise in Policy Decision Point (PDP) and Policy Enforcement Point (PEP) architecture.
• Hands-on application of OWASP ASVS in defining security requirements.
• Proficient in mapping Zero Trust requirements to ISO 27002:2022 controls.
• Experience with Identity & Access Management in a Zero Trust context.
• Demonstrated ability in authoring formal security standards that align with enterprise governance.
• Capability in structured mapping of Zero Trust requirements to existing countermeasures.
• Knowledge of application-level Zero Trust principles, including micro-segmentation and service mesh technologies.
• Experience in developing Zero Trust reference architecture documentation.

Nice to have:

• Knowledge of DevSecOps principles in the context of Zero Trust.
• Understanding of Cloud IAM in Zero Trust environments.

• Design and document the Zero Trust Control Framework.
• Create a formal Zero Trust BSS standard incorporating OWASP ASVS and ISO 27002:2022.
• Develop a Zero Trust Reference Architecture outlining policy decision and enforcement point details.
• Produce a Golden Path guide for engineering teams to facilitate application onboarding to Zero Trust.
• Produce governance-quality Zero Trust documents within Bayer's BAFS framework.