Roles & Responsibilities:
• Collaborate closely with clients to gather information security requirements and understand the assets and solution requirements of the business.
• Deliver profitable, secure and efficient cyber security solutions that meet business objectives and solve clients' problems.
• Capture and translate well-defined customer security requirements into high-level solution/component designs.
• Translate high-level solution and component designs into low-level designs and implementable configurations.
• Review existing architecture, identify design gaps, and recommend security enhancements.
• Collaborate closely with the project management team to ensure that the client's overall information security governance strategy requirements are met in the client's Group IT infrastructure.
• Review and assess the documents (Technical proposal, HLD, LLD) of new and upgrade projects to ensure the necessary security controls are taken into consideration within the design stages of the projects.
• Lead security efforts assisting with the integration and initial implementation of solutions.
• Build internal, external and third-party supplier relationships to ensure full commitment and support.
• Support the comprehension of client’s existing security solutions.
• Research and provide subject matter expertise on security solutions that would augment the controls and improve user experience across the organization and its clients.
• Understand current and emerging security threats and design security architecture to mitigate threats where possible.
• Stay abreast of new security technologies and integrate them into the security architecture design where appropriate.
• Lead and execute preparation of RFI, RFP, MSRFP, bidder response evaluations and vendor engagements.
• Develop and review information security policies, procedures and standards.
• Lead, assess and recommend the security control requirements for cloud migration.
• Contribute to preparing budgets for the solutions and provide inputs for the organization's yearly budget and business plan.
• Member of the EAB (Enterprise Architecture Board) and CAB team.
General Skills:
• Ten (10) plus years of experience in IT security design, implementation and consulting.
• Leadership, project and team-building skills, including the ability to lead teams and drive projects and initiatives in multiple departments.
• Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects.
• The ability to be the enterprise security subject matter expert who can explain technical topics to those without a technical background.
• Multi-vendor and industry experience is preferred.
Working knowledge:
• Security architecture, demonstrating solutions delivery, principles and emerging technologies – Designing and implementing security solutions.
• Consulting and engineering in the development and design of security best practices and implementation of solid security principles across the organization, to meet business goals along with customer and regulatory requirements.
• Security considerations of cloud computing during and after migration.
Familiarity:
• Understanding of IT standards and frameworks: NIST, ISO 27001, PCI, COBIT and COSO.
• Understanding of enterprise architecture frameworks: SABSA (Sherwood Applied Business Security Architecture) and TOGAF (The Open Group Architecture Framework).
• Knowledge of networking concepts, technologies and protocols.
• Knowledge of servers/systems, applications and databases.
• Stay up to date with the latest security products and IT threats.
Education and Certification:
• BE/B.Tech in information security, engineering, mathematics, or a related area. A Master's degree in cyber security is a plus.
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)
• Information Systems Security Architecture Professional (ISSAP)