Posted on Jun 17, 2022 by LCA Consulting Services
This position is part of the Clients Information Security and Risk Management (ISRM) Security Architecture team and is responsible for building and promoting information security capabilities and compliance for the enterprise network and applications across the Organisation.
As the Information Security Architect, you will be a key member of the ISRM team Security Architecture team. You will have a deep background in keys aspect of security architecture needed to enable and securely deliver infrastructure and applications hosted within the infrastructure and public cloud providers space. You will work collaboratively with the Enterprise Architecture team, ISRM Security Architecture and Global ISRM Service owners to ensure solutions and services are designed and adopted effectively by the business units. The position works closely with stakeholders in Infrastructure, Network Engineering, Operations, Applications, and Compliance management to ensure alignment to our Global service capabilities.
You will be an enthusiastic advocate of the globally-led Information Protection Strategy, ensuring that all global initiatives and services are appropriately adopted by Business Units, following our strategic principle of global oversight, local insight and applying outside in thinking approach.
Responsibilities will include:
- Develop and maintain a comprehensive vision and strategy for network security architecture to accomplish department objectives of protecting the systems and data hosted in the data centers and the cloud
- Understand, research, design and develop secure implementations of technology solutions, and oversee large rollouts of the same.
- End to end analysis, requirements development, design, and governance of the security processes and tools ecosystem within the Technology infrastructure, partnering with IT and business colleagues as appropriate
- Understands the drivers and requirements of the business and translates those into technology solutions, serving as a liaison between technical teams and management
- Security technical and Information Protection leadership for fine grained solutions including developing secure and sustainable security reference architectures where applicable
- Identify and document critical path decisions, make recommendations, and influence program leaders/business process owners
- Able to communicate processes' and tool automation needs to Automation Team to drive infrastructure as a code mentality.
- Participate in Scaled Agile planning and activities deploying enterprise program creating Global Network Security Services, identify customer needs, converting those into functional requirements and creating program roadmap, driving objectives and managing program backlog.
8+ years security architecture and/or security engineering overseeing network security capabilities
- Architect, designing and implement global email security solutions
- Assess current state of collaboration and mobility security controls and suggests improvements
- Leads the deployment team for DMARC, DKIM and SPF
- Designs and implements email threat prevention solutions
- Assess and recommends Threat Detection Intervention Controls for SaaS applications (eg Data Loss Prevention, Malware)
- Assess CIS Benchmarks, recommends hardening policies and manages rollout of hardening policies
- Experience in endpoint and collaboration security architecture design, documentation and best practices; understand enterprise architecture frameworks and can independently author and assess technical architectures
- Acts as subject matter expert for all topics related to collaboration, messaging and mobility security
- Works with User Experience teams to design security controls for collaboration suite
- Assess current state architecture for endpoint security and develops future state architecture and capabilities around endpoint security solutions
- Deep level understanding of TCP/IP (Transmission Control Protocol/Internet Protocol) networking and the OSI (Open Systems Interconnection) 7-layer model
- Detailed understanding of attack vectors, current threats, and their remediation strategies;
- Strong time management skills planning, organizing, and leading architecture development efforts
- Strong interpersonal and communications skills to build/maintain ongoing business relationships
- Self-Starter that requires minimal supervision, multi-tasks effectively, and can provide oversight and coaching to others for any assigned projects or tasks.
- Detailed understanding of control frameworks and reference architectures such as NIST, Cyber Security kill chain.
- Understanding of various compliance regulations/laws, and standards (eg, PCI DSS, HIPAA).
- Able to stay on top of latest cybersecurity developments and next gen platforms
Additional Knowledge & Skills
- Knowledge of healthcare, privacy, and financial compliance regulations are a great asset.
- Experience of working with SAFe (Scaled Agile Framework for the enterprise)
- Previous hands-on endpoint and/or collaboration security engineering knowledge and experience, implementing and operationalizing endpoint security toolsets.
- Strong analytical and troubleshooting skills with an understanding of IT business operations and information security.
- Able to work with suppliers and vendors to assess a true value of cybersecurity capabilities vs what they are offering as a sales pitch and how those capabilities would apply as a whole, from integrations to existing cybersecurity eco-system to their operationalization.
- Interface with other technology teams on endpoint security posture hardening and architecture development
- Solid understanding of Windows, UNIX, Linux, and web-based systems
4-year degree in computer science or related field or equivalent experience
Cyber Security and/or network related certifications (s) such as CISSP, ISSAP, GCED, or proven equal experience