Our client, a leading insurance group in Asia is looking for a Security Architect to comply with their increasing Cyber Security defense need. Great exposure and scale to work with one of the most prominent firms in the region.
Responsibilities:
Develop and maintain the cyber security architecture design, framework, roadmap, and policy.
Lead the technology assessment across cybersecurity including Session Security, Vulnerability/Pen Testing items, and Input Validation.
Lead the review of key digital applications and core IT systems including Authentication, Authorization, and Auditing.
Provide lead software delivery practices across design, delivery, and coaching.
Lead the design and build of security reference architecture and security blueprints.
Develop and maintain security architecture artifacts.
Act as a Security SME and review implementation design to the application and Infrastructure team, where it will meet the industry security standards.
Conduct Technical risk assessments to capture security exceptions and design associated compensating controls based on the assessment results.
Lead the infrastructure and application security framework and provide security assessments.
Work with other key Technology Leaders including Software, Data, and Infrastructure on Security standards and architecture design.
Requirements:
At least 8 years of experience in the Cyber Security space.
Experience in the Financial industry or major regional enterprise environment would be a great plus.
Ability to articulate security principles and security risks to non-technical business stakeholders.
Strong leadership experience in leading a delivery and architecture role.
Extensive knowledge of application, network, and platform security vulnerabilities. Ability to explain these vulnerabilities to developers.
Experience in designing and maintaining cyber security framework and policy, including network, application, endpoint, data, identity management, database and infrastructure, and container or cloud security.
Strong focus on reviewing technical designs and functional requirements to identify areas of Security weakness.
Good knowledge of Enterprise Architecture frameworks such as TOGAF, Zachman, etc.
Security Certificates in CISSP, CISM, or equivalent.
Exposure to Cloud, Network and automation infrastructure would be a great plus.
Excellent communication skills in English.
Bachelor's Degree in Computer Science or related field from a reputable University.