about 2 months ago
The successful candidate will be responsible for developing and maintaining security architecture across the entirety of this high profile, cross border, company. You will design information systems to support the enterprise security and infrastructure of the company as well as ensure that all systems are working at optimal levels and support the development of new technologies and system requirements.
This role will be interesting, and challenging, operating in a highly secure environment and will compensate accordingly. International applications are welcome.
- Enforce "secure-by-design" by participating in application development to ensure security in all phases of project development lifecycle for IT solutions and software products
- Design security solutions in security programmes to implement security tools for projects
- Develop and maintain security and infrastructure architecture (e.g. reference architectures, principles, models, templates, standards and procedures) that can be leveraged by projects and operations by BAU
- Monitor the external information security risk landscape for changes, including applicable legislative or regulatory requirements and ensure appropriate enhancements are made to policies and standards in in relation to security architecture aspects
- Ensure security effectively in software development lifecycle (SDLC), including security requirements, secure design, secure coding and security testing
- Evaluate the success of the project, identifying best practices and lessons learned from the infrastructure aspect. Provide feedback to leadership and incorporate this information into future integration plans
- Create detailed plans for the integration of new systems architecture into existing infrastructure with multi-vendor landscape
- Lead and direct to prepare governing principles to guide decision making pertinent to infrastructure architecture
- Communicate and validate program architecture with infrastructure teams, project management teams, and application teams
- At least 15 years' working experience in IT industry with 8 years experience of IT Infrastructure, Network and Cyber Security Architecture with global or regional exposure
- Degree holder or Post-Graduate qualification in IT-related disciplines
- Sound knowledge and understanding of latest security tools, security design methodologies, architecture frameworks and security risk assessment methods
- Sound knowledge and understanding of latest infrastructure domain across network, compute, storage, database, end user computing, broadcasting facility and design methodologies & architecture frameworks.
- Sound project management experience.
- Strong written and oral communication skills, and the ability to effectively communicate with technical and non-technical audiences
- Experience with web technologies and building enterprise architecture roadmaps
- Experience designing, integrating and managing complex infrastructure solutions
- Ability to provide technical system solutions, determine overall design direction and provide hardware recommendations for complex technical issues
- Relevant professional certifications (such as CISSP, CISA, CISM, CBCP) preferred
- Relevant professional certifications (such as TOGAF, CITA, EACOE, Certified SOA Architect,) preferred
- Microsoft Certified System Engineer (MCSE) certifications in Windows 2012 or Windows 2016.
- Knowledge of Cisco network and technologies, CCNA(P), CCIE, Linux and Unix
- Knowledge of client-server networking and database management
- Experience in security technologies including web application security, anti-bot solutions, WAF, application layer firewalls, IDS/IPS, SIEM, stateful inspection, TCP/IP, cryptography, authentication, PCI DSS, vulnerability assessment and application penetration testing
- Experience with fundamental Internet protocols: IPv4, BGP, GRE, MPLS, CDN, SSL/TLS, HTTP, FTP, DNS, SMTP, IPSec
- Broad security and technology knowledge including DevSecOps and cloud infrastructure
- Knowledge of ISMS, ISO27000 series, OWASP Top 10 and other major information security frameworks
- Detailed technology knowledge including DevOps and associated products, CI/CD pipeline security, API and gateway security, and private and hybrid cloud infrastructure
- Detail oriented and have a strong commitment to excellence
- Fluency in English, oral and written, is a prerequisite.