Zero Trust Assessment Architect
Location: Sweden
Job Summary:
We are seeking a highly skilled and experienced Zero Trust Assessment Architect to lead, design, and execute Zero Trust maturity and risk assessments across identity, devices, workloads, data, networks, and applications. This role is crucial in helping the organization identify security gaps, recommend actionable controls, and drive the roadmap for Zero Trust adoption. You will work cross-functionally with security, infrastructure, cloud, and compliance teams to assess current-state capabilities and recommend industry-aligned improvements based on NIST 800-207, CISA ZTMM, and other frameworks.
Key Responsibilities:
- Lead Zero Trust Assessments across multiple pillars: identity, device, network, application, workload, and data.
- Define the Zero Trust maturity model and develop custom assessment frameworks based on industry standards (e.g., NIST SP 800-207, CISA, Microsoft ZTX, Forrester).
- Conduct workshops, interviews, and deep-dive reviews with business and technical stakeholders to evaluate current-state security controls.
- Identify risks and gaps in alignment with Zero Trust principles and map them to business impact.
- Create detailed assessment reports, control gap matrices, and executive summaries with actionable remediation plans.
- Develop or enhance Zero Trust strategy roadmaps, aligned with organizational goals and compliance requirements.
- Provide architectural guidance and best practices to integrate Zero Trust principles across legacy, hybrid, and cloud-native environments.
- Stay updated on the threat landscape, relevant technologies (e.g., identity providers, EDR/XDR, SDP, CASB, SWG, SASE), and industry trends.
- Work with solution teams and security operations to ensure that identified gaps are prioritized and remediated.
- Present findings and recommendations to executive leadership and board-level audiences.
Required Qualifications:
- 12-18 years of experience in cybersecurity, with proven experience delivering Zero Trust architecture or security assessment assignments.
- Proven experience assessing and/or designing Zero Trust security controls across one or more domains (identity, device, data, network, workload, application).
- Deep knowledge of frameworks and models such as NIST 800-207, CISA Zero Trust Maturity Model, Forrester ZTX, ISO 27001, CIS Controls.
- Strong understanding of enterprise IT environments including Active Directory, Azure AD, Endpoint Security, EDR/XDR, VPN, SD-WAN, CASB, SaaS/IaaS.
- Experience in conducting technical assessments and risk analysis and providing maturity scoring.
- Strong communication and stakeholder engagement skills, including experience with executive-level reporting and presentation.
Preferred Qualifications:
- Industry certifications (at least one): CISSP, CCSP, CISM, Microsoft SC-100, SANS GIAC, TOGAF, or Zero Trust specific credentials.
- Knowledge of OT/ICS Zero Trust applications is a plus.
- Cloud security expertise (Azure, AWS, GCP) with understanding of shared responsibility models.
Job Type: Contract
Contract length: 6 months
Pay: Up to 9 000,00kr per day