Strategic Security Architect & Framework Designer

Project & Company Context

Our company is at a critical juncture of growth, with a complex and expanding IT footprint that includes on-premise, cloud (AWS/GCP), and hybrid components. While we have implemented various point-solutions for security over the years, we currently lack a unified, defensible security architecture. This reactive approach has resulted in security gaps, fragmented policy enforcement, and an inefficient incident response process. We are a highly committed organization dedicated to rectifying these issues strategically and proactively. We are seeking an expert Security Architect to not just find vulnerabilities, but to design a comprehensive, long-term, and scalable security framework that will protect our assets and build lasting customer trust.

Scope of Work & Deliverables

This project requires a meticulous, phased approach with clearly defined deliverables at each stage.

• Phase 1: Comprehensive Security Assessment (20% of Project)
  • Task: Conduct a deep-dive analysis of our entire IT infrastructure, including network segmentation, cloud configurations (IAM, VPC), and existing security controls.
  • Deliverable: A detailed "As-Is" Security Posture Report, identifying all vulnerabilities, misconfigurations, and policy gaps. This report must include a risk matrix with clear prioritization (High, Medium, Low) and evidence for each finding.
• Phase 2: Security Architecture Design & Blueprint (40% of Project)
  • Task: Based on the assessment, design a new, unified security architecture. This blueprint must be scalable and aligned with industry standards (e.g., NIST Cybersecurity Framework, Zero Trust principles). The architecture should cover network, cloud, application, and data security.
  • Deliverable: A comprehensive "To-Be" Security Architecture Blueprint, including diagrams, a technical narrative, and a detailed list of recommended security controls, tools, and policies.
• Phase 3: Implementation Roadmap & Handoff (30% of Project)
  • Task: Create a detailed, phased implementation roadmap. This is a crucial step for our internal team to follow. The roadmap must include timelines, resource allocation suggestions, and clear action items for each security initiative.
  • Deliverable: A "Security Implementation Roadmap" document and a handover session with our internal IT team, providing guidance and answering technical questions.
• Phase 4: Post-Project Support & Validation (10% of Project)
  • Task: Provide a period of support to ensure the successful initiation of the roadmap.
  • Deliverable: A post-project support plan for the first 14 days, including a final review to validate that the implementation roadmap is sound and all questions are resolved.

Key Performance Indicators (KPIs) & Success Criteria

This project will be deemed successful based on the following metrics:

• Completeness: The "As-Is" report accurately reflects our security posture, and the "To-Be" blueprint is comprehensive and actionable.
• Strategic Alignment: The proposed architecture aligns with our business goals and future growth plans.
• Clarity: All deliverables, especially the implementation roadmap, are clear, concise, and easily understood by our technical team.
• Revision: The freelancer must be prepared for up to two rounds of revisions on the architecture blueprint to meet our precise needs.

Required Qualifications & Experience

• Core Expertise:
  • Proven experience as a Security Architect, with a strong portfolio of designing and implementing security frameworks.
  • In-depth knowledge of security standards (NIST, ISO 27001) and regulatory compliance (GDPR, SOC 2).
  • Expertise in both on-premise and multi-cloud security (AWS, GCP) including IAM, VPC, and encryption best practices.
  • Proficiency in security tools and technologies (e.g., SIEM, EDR, Firewall management).

Methodology & Soft Skills:

• A structured and methodical approach to problem-solving.
• Exceptional communication and presentation skills to convey complex ideas clearly.
• Strong documentation abilities to create a lasting and useful resource for our company.

Project Details & Compensation

• Duration: The total project is expected to be completed within 60 days.
• Revisions: Includes up to 2 revisions of the main architecture blueprint.

Application Instructions

To apply, please submit a detailed proposal that includes:

• A cover letter outlining your experience in security architecture and why you are the right fit for this project.
• A case study or portfolio demonstrating a similar project you have successfully completed.