Enterprise Security Architect - IT

Key Responsibilities :

- Support the secure development of products by working with multiple product groups in an agile setup

- Keep yourself up to date on the security aspects of the products, including infrastructure security, application security and cloud security

- Work with the development teams to conduct threat modelling to the product features and provide necessary security requirements to build a secure product

- Conduct research on new technologies, security controls, security capabilities

- Work closely with the Penetration testing teams, providing testing scope and guidance, reviewing test results and communicating results and recommendations to R&D

- Provide security training sessions and conduct research on relevant security topics

- Work with the product management, implementation teams to respond to customer security related issues

- Develop appropriate risk treatment and mitigation options to address security risks identified during security review or audit

- Producing Architecture artifact as per the reference architecture model followed by the organization like TOGAF, Agile, SABSA etc

- Provide and review security implementation guidelines to map to enterprise wide security policies and standards

Skills and Experience :

- A minimum of 10 years of experience as a software developer(preferable Java/J2EE), followed by at least 2-3 years of experience as a systems/security architect

- Experienced in Implementation, configuration and troubleshooting of various security products/Technologies

- Experienced in security domains :

1) Identity & access management

2) Threat, Vulnerability & Risk management

3) Infrastructure security

4) Security Analytics (Cyber defense) and Cloud and digital security

- Experience in Designing and implementation of solutions based on SDLC and Agile framework incorporating Industry and compliance framework of NIST, ITIL, COBIT, COSO, PCI-DSS, OWASP, NVD, SANS SOX, PCI, MAS, APRA, FATCA, HKMA, ISO27001 etc