Senior Security Architect

ROLES & RESPONSIBILITIES:

§ Collaborate closely with QF entities and vendors to gather information security requirements, understand assets and solutions requirements by the business.

§ Review, evaluate and propose effective and efficient cyber security solutions to meet QFIT objectives and solve problems.

§ Capturing and translating well-defined customer security requirement into high-level solution or components design.

§ Translating high-level solution and component designs into low-level designs and implementable configurations.

§ Ensure delivery of the security solutions relevant to SOW or RFPs and participate in the tendering process such as technical evaluation.

§ Review existing architecture, identify design gaps, and recommend security enhancements and ensure it is aligned with QF Cybersecurity strategy and control Framework

§ Review and assess the documents (technical proposal, HLD, LLD) of new and upgrade projects to ensure the necessary security controls and integration requirements are taken into considerations within the design stages of the projects.

§ Collaborate closely with the other teams including Strategy, Solutions, Architecture, Operations, Governance & Security and Applications to ensure that the security requirements are well identified and captured.

§ Research and provide subject matter insights and advice on security solution that would augment the controls and improve user experience across the organization and its client.

§ Understand current and emerging security threats and design security architecture to mitigate threats where possible.

§ Stay abreast of new security technologies and integrate them into security architecture design where appropriate.

§ Work closely with governance and security team to develop and review information and align to the Information security management system.

§ Lead, access and recommend the security control requirements for complete environment.

§ Contribute in preparing budgets for the security solutions and provide accordingly inputs for the yearly organization budgets business plan.

§ Member of EAB (Enterprise Architecture Board) and Internal Change management meetings.

§ Keeps IT Solution & Architecture and IT Governance Security Manager aware of key security issues, identifying and resolving potential problems and conflicts.

§ Recommends changes that impact the strategic direction.

§ Consults with project teams to ensure compatibility with existing solutions, infrastructure, and services.

§ Coordinates Security architecture implementation and modification activities.

§ Review frameworks, process models and interactions with users and other systems.

SKILLS & COMPETENCIES:

§ Ten years (10) plus years of experience in IT security design, Architecture, implementation, and consulting.

§ Must have a specialization in areas of Cyber domains such as Identity Access Management, Cloud Security, Network security, platform, application, and database security with a broad understanding of other areas.

§ Leadership, project, and team building skills, including the ability to lead teams and drive projects and initiatives in multiple departments.

§ Demonstrated the ability to identify risks associated with business process, operations, information security programs and technology projects.

§ The ability to enterprise security subject matter expert who can explain technical topics to those without a technical background.

§ Skilled in Agile/Scrum methodology.

§ Understanding of IT security standards and frameworks - NIST, 1S027001, PCI-DSS, COBIT, SANS and COSO.

§ Understanding the framework for enterprise architecture such as TOGAF, SABSA, OR Zachman.

§ Knowledge of networking concept, technology, and its protocols.

§ Knowledge of servers/ systems, applications, and database.

§ Stay up to date with the latest security products and IT threats.

§ Excellent analytical and problem-solving skills are relevant.

§ Effective presentation skills and expert knowledge in using tools such as MS office, Visio, and other design tools.

§ Reviews of the network security measures of the company and recognize potential threats and provide risk reduction and mitigation plan.