Security Architecture Director - Enterprise Technology

We are seeking a highly skilled and strategic Security Architect to lead the design, deployment, and management of an enterprise-wide security architecture. In this role, you will work with a large organization that manages a sophisticated technology infrastructure and diverse application portfolio. Your expertise will be crucial in ensuring robust protection across cloud environments, web applications, and network protocols, while seamlessly integrating DevSecOps practices into our development lifecycle.

Key Responsibilities

• Develop and implement comprehensive security architectures aligned with business and technology goals.

• Create a strategic roadmap for security enhancements across cloud infrastructure, web applications, and network services.

• Lead initiatives involving advanced security technologies such as cloud security, web application security, anti-bot solutions, Web Application Firewalls (WAF), application-layer firewalls, IDS/IPS, SIEM, and cryptographic protocols.

• Oversee the analysis and enhancement of security controls involving stateful inspection, TCP/IP, authentication, OAUTH2.0, and PCI DSS compliance.

• Ensure robust vulnerability assessment programs and conduct regular application penetration testing.

• Manage and secure networks by leveraging knowledge of essential Internet protocols, including BGP, GRE, MPLS, CDN, TCP/IP, SSL/TLS, HTTP, FTP, and DNS.

• Evaluate and recommend improvements to the networking architecture to bolster security resilience.

• Maintain and enforce security best practices by aligning with frameworks such as ISMS, ISO27000 series, OWASP Top 10, MITRE, and other industry-standard guidelines.

• Ensure compliance with regulatory and industry standards through proactive security policy development and auditing processes.

• Partner with DevSecOps, cloud engineering, and development teams to integrate security within the software development lifecycle.

• Provide technical guidance, mentorship, and leadership within cross-functional teams regarding secure coding practices and risk mitigation strategies.

Required Skills and Qualifications

• Demonstrated experience in advanced security technologies, including cloud security, web application security, anti-bot solutions, WAF, IDS/IPS, SIEM, stateful inspection, TCP/IP, and cryptography.

• Proven exposure to vulnerability assessment and application penetration testing methods.

• Deep understanding of fundamental Internet protocols (BGP, GRE, MPLS, CDN, TCP/IP, SSL/TLS, HTTP, FTP, DNS) and how they impact security architecture.

• Sound knowledge of ISMS, ISO27000 series, OWASP Top 10, and MITRE frameworks.

• Familiarity with security regulatory standards such as PCI DSS.

• Experience with programming languages such as C, C++, J2EE, .NET.

• Additional experience with Flash/Flex, Web services, and website development is a strong advantage.

• Broad security and technology knowledge, with a strong understanding of DevSecOps practices and cloud infrastructure management.

• Excellent analytical, problem-solving, and communication skills.

• Bachelor’s degree in Information Security, Computer Science, or a related field, or equivalent work experience.

• Professional certifications (e.g., CISSP, CISM) are preferred.

Preferred Qualifications

• Advanced degree or further certifications in relevant fields.

• Extensive experience working within a large enterprise environment with a complex security landscape.

• Demonstrated leadership in designing and implementing enterprise-level security initiatives.

If this outstanding opportunity sounds like your next career move, please submit through "Apply Now" or send your resume in Word format to Hanson Tsien at resume@pinpointasia.com and put Security Architecture Director - Enterprise Technology in the subject header.

Data provided is for recruitment purposes only.