Our client, a leading investment bank, is urgently looking for a Security Architect to join their team and help manage their security architecture covering application, infrastructure, and cybersecurity. Great exposure and an opportunity to join one of the leading financial institutions in the region.
Act as the SME to review the security architecture in Application, Infrastructure, Cloud Computing, and banking/trading applications.
Lead the technology assessment and security controls reviews, including scope, roadmap, and testing plans for key cybersecurity controls.
Working with different teams across the bank for project security assessments: both high- and low-level architecture designs, and providing recommendations to mitigate identified risks and ensure compliance with relevant regulatory requirements, etc.
Review applications including Authentication, Authorization, and Auditing.
Review security reference architecture and security blueprints.
Third-party risk assessments, regulatory reviews, as well as participating in regional and global governance meetings and committees when required.
At least 10 years of experience in the IT Application Security space.
Ability to articulate security principles and security risks to non-technical business stakeholders
Security Certificates in CISSP, CISM, or equivalent.
Knowledge of the common application layer vulnerabilities (eg. OWASP 10), ability to explain these risks, and recommend countermeasures to mitigate these risks.
Extensive knowledge of application, network, platform security vulnerabilities, and security hardening standards (eg. NIST). Ability to explain these vulnerabilities to developers.
Ability to review the code of enterprise applications and identify possible security vulnerabilities.
Experience in conducting Information Security, IT Security, and Audit assessments. Presenting the outcomes of the evaluation and obtaining buy-in.
Strong focus on reviewing technical designs and functional requirements to identify areas of Security weakness.
Excellent communication skills in English, this role will work with senior peers and stakeholders across the region.
Bachelor's degree in Computer Science, Engineering (or related) from a reputable University.