• Provides extensive, in-depth, technical consultation to the clients, partners, and IT Management to develop plans and directions to assure the integration of corporate business area requirements.
• Acts as cybersecurity expert for major projects.
• Leads ‘security by design’ initiative. Review architecture of business critical systems and provide recommendations that can make the systems secure.
• Thoroughly understands decision process issues of technology choice, such as design, data security, client server communication, etc.
• Evaluates and selects from existing and emerging technologies those options best fitting business/project needs
• Promotes sharing of expertise through consulting, presentations, and documentations, etc.
• Experienced, functional expert with technical and/or business knowledge and functional expertise
• Carries out complex initiatives involving multiple disciplines and/or ambiguous projects
• Displays a balanced, cross-functional perspective, liaising with the business to help improve efficiency, effectiveness and productivity
• Strategic in developing, implementing and administering programs within functional areas
• Provides guidance to team members, fostering an environment that encourages employee participation, teamwork, and communication
• Bachelor’s degree in Computer Science or a related discipline and experience in information security, or an equivalent combination of education and work experience.
• Deep knowledge of application or infrastructure systems architecture, usually having experience with multiple system technologies.
• Excellent consultative and communication skills, and the ability to work effectively with client, partner, and IT management and staff.
• Strong project management skills and a strong analytical ability.
• Five years of experience on Information Security role. Three years of experience with app dev and/or technology infrastructure
• CISSP, CSSP, or Cloud security certification preferred
• Knowledge of several high level languages, technology Infrastructure, and cloud systems is required.
Requirements/Responsibilities (Security Architecture/Authority)–
• In-depth knowledge of various cybersecurity frameworks, standards, and SSDLC
• Experience related to Threat management, data protection, encryption, Authentication/Authorization, Privilege access management, Vulnerability management systems, Attack surface management
• Very good understanding of threat modeling concepts and working experience
• Ability to establish security patterns and work with various tech teams to assist with the implementation as needed
• Very good understanding of zero-trust architecture and working experience with relevant tools/technologies
• Good understanding of concepts related to DevOps, AI/ML, docker, container, and Kubernetes
• Experience with Infrastructure as Code and relevant tools
• Experience working with teams that handle infrastructure components including Networking, Storage systems, directory services, and virtualization
• Experience with Microsoft Azure/M365, AWS, hybrid, and multi-cloud systems
• Experience working with application development and API security
• Knowledge related to IPS/IDS, Network load balancer, firewall would be a big plus
Additional Information
