Enterprise Security Architect - Threat Detection (10-12 yrs)

Job Description :

Responsibility :

- Develop security strategy plans and roadmaps based on sound enterprise architecture

practices

- Develop and maintain security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations

- Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts

- Participate in application and infrastructure projects to provide security-planning advice

- Draft security procedures and standards to be reviewed and approved by executive management and/or formally authorized by the CIO

- Determine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, and identity and access management (IAM)

- Develop standards and practices for data encryption and tokenization in the organization,

based on the organization's data classification criteria.

- Coordinate with DevOps teams to advocate secure coding practices, and to escalate concerns

related to poor coding practices to the CIO.

- Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable

- Liaise with the internal audit (IA) team to review and evaluate the design and operational effectiveness of security-related controls.

Main duties :

- Design, build, implement and support enterprise-class security systems.

- Align organizational security strategy and infrastructure with overall business and technology

strategy.

- Plan, research and design robust security architectures for any IT project

- Govern Cloud Security Architecture & Implementation including vendors like Azure, AWS, GCP, etc

- Provide technical direction & oversight to integration teams from a security perspective

- Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge.

- Implementation of security measures to meet business goals, needs and regulatory requirements.

- Guide and monitor teams performing vulnerability testing, risk analyses and security assessments.

- Optimize security solutions at Infrastructure level including firewall, VPN, routers, IDS scanning technologies and servers to meet compliance.

- Work on projects with high strategic impact, setting a strategy that can be used in the long term and across the breadth of the organization.

- Create solutions that balance business requirements with information and cyber security requirements.

- Identify security design gaps in existing and proposed architectures and recommend changes or enhancements.

- Help teams to Test security systems to ensure they behave as expected.

- Define, Implement and maintain corporate security policies and procedures.

- Train users in implementation or conversion of systems.

- Respond immediately to security-related incidents and provide architectural solutions and analysis.

- Regularly communicate vital information, security needs and priorities to senior management

Qualification Essential :

- Bachelor's or master's degree in computer science, information systems, cyber security, or a related field.

- 10+ years of experience and preferably 6+years hands-on experience in security architecture

- Ability to articulate complex technical designs into requirements for consumption by delivery

squads

- Direct, hands-on experience or strong working knowledge of managing security infrastructure e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint

protection, SIEM and log management technology.

- Verifiable experience reviewing application code for security vulnerabilities

- Direct, hands-on experience or a strong working knowledge of vulnerability management

tools

- Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services.

Full-stack knowledge of IT infrastructure : o

- Applications

- Databases

- Operating systems Windows, Unix and Linux

- Hypervisors

- IP networks WAN and LAN

- Storage networks Fibre Channel, iSCSI and NAS

- Backup networks and media

- Direct experience designing IAM technologies and services:

- Active Director

- Lightweight Directory Access Protocol (LDAP)

- Amazon Web Service (AWS) IAM

Strong working knowledge of IT service management (e.g., ITIL-related disciplines) :

- Change management

- Configuration management

- Asset management

- Incident management

- Problem management

Experience designing the deployment of applications and infrastructure into public cloud services.

Desirable:

Experience of working in Financial Services.

Engineering Graduate.

TOGAF Certified or equivalent

Knowledge of the below standards

o Payment Card Industry Data Security Standard (PCI-DSS)

o HIPAA-HITECH

o Validated Systems (e.g., GAMP)

o Sarbanes-Oxley

o General Data Protection Regulation (GDPR)

o Privacy Practices

o ISO 27001/2

o NIST Cyber security Framework (CSF)

o ITAR