Responsibilities:
1. Develop architecture requirements and maintain oversight
Design security controls and systems in alignment with security guidelines
Assist in the testing and evaluation of new security technologies and controls
Recommend security products, services and procedures to enhance system architecture designs
Document the design, operation, use, and expected outputs of new systems
Conduct research on modern security software architectures and network architecture design best practices
Drive continuous process improvement for the security services
2. Implement security systems
Implement new enterprise security architecture, technologies and enhancements
Identify techniques to scale up and automate security infrastructure and processes
Resolve issues that arise in implementation of new security systems
Monitor security systems for strengths and weaknesses and propose improvements to address weaknesses
3. Manage security systems
Responsible for the maintenance of security systems, platforms and associated software
Develop and implement custom disaster recovery drills and simulation tests on existing systems
Monitors, tracks and manages service faults till resolution and change requests.
Manages lifecycle of security solutions, ensuring that the solution is up-to-date and relevant to changing business needs and security landscape
Provide oversight and drive quality assurance over third party service providers
Requirements
Qualifications
Bachelor s degree in computer science or related field, or a similar field. Ideally, you have completed or are about to complete a Security certification (e.g. Security+, GCIA, GCIH, CISSP). And competent in scripting languages (e.g. Perl, Python, etc.).
Experiences in the following areas:
1. Business Needs Analysis
Elicit and analyse business requirements from key stakeholders and assess relevant solutions and their potential impact
2. Cyber and Data Breach Incident Management
Provide root causes analysis and assessment on the implications of incidents.
3. Cyber Risk Management
Develop cyber risk assessment techniques and roll-out endorsed measures to address identified cyber security risks, threats and vulnerabilities
4. Emerging Technology Synthesis
Conduct research and identify opportunities for new and emerging technology to support the business needs
5. Infrastructure Design
Translate a broader infrastructure blueprint into technical specifications and develop prototypes for simple infrastructure components
6. Network Security
Manage network security solution
7. Security Administration
Administer, configure and troubleshoot security solution platforms, and analyse impact of patches and updates on system and networks. Minimum 4 years of administration experience (see Technologies Competencies)
8. Security Architecture
Design secure systems and define security specifications of components, integrating appropriate security controls.
9. Security Programme Management
Detail the security requirements for system architecture components and implement security programmes. Minimum 2 years of implementation experience. (see Technologies Competencies)
10. Strategy Implementation
Evaluate strategies for critical business functions to ensure plans are realistic and reflect health of business.
11. Strategy Planning
Develop resource allocation plans and implement strategies and policies
12. Technologies Competencies
Networking, Network Taps and Data Diode, Host Security (Windows, Unix, Linux), Firewall (Packet Filtering, Application, Database, Web Application), VPN (IPSec & SSL), Distributed Denial of Service Protection, Content Disarm & Reconstruction, Public Key Infrastructure, Encryption (At-rest and in-transit), Data Loss Protection, Data Integrity, User Anomaly Detection, Intrusion Prevention System, Network Access Control, Forward Proxy, Reverse Proxy, Email Security Gateway (anti-spam, anti-virus, anti-malware, sandbox, EBC), Endpoint (Email, Anti-virus, Antimalware), Threat Detection & Response (Endpoint& Network), Vulnerability Management, Web Isolation, Log Management, Security Incident & Event Management, Security Orchestration, Cloud Security, Identity & Access Management, 2-Factor Authentication, Single Sign On, Privileged User Management, Mobile Device Management
Qualifications Bachelor s degree in computer science or related field, or a similar field. Ideally, you have completed or are about to complete a Security certification (e.g. Security+, GCIA, GCIH, CISSP). And competent in scripting languages (e.g. Perl, Python, etc.). Experiences in the following areas: 1. Business Needs Analysis Elicit and analyse business requirements from key stakeholders and assess relevant solutions and their potential impact 2. Cyber and Data Breach Incident Management Provide root causes analysis and assessment on the implications of incidents. 3. Cyber Risk Management Develop cyber risk assessment techniques and roll-out endorsed measures to address identified cyber security risks, threats and vulnerabilities 4. Emerging Technology Synthesis Conduct research and identify opportunities for new and emerging technology to support the business needs 5. Infrastructure Design Translate a broader infrastructure blueprint into technical specifications and develop prototypes for simple infrastructure components 6. Network Security Manage network security solution 7. Security Administration Administer, configure and troubleshoot security solution platforms, and analyse impact of patches and updates on system and networks. Minimum 4 years of administration experience (see Technologies Competencies) 8. Security Architecture Design secure systems and define security specifications of components, integrating appropriate security controls. 9. Security Programme Management Detail the security requirements for system architecture components and implement security programmes. Minimum 2 years of implementation experience. (see Technologies Competencies) 10. Strategy Implementation Evaluate strategies for critical business functions to ensure plans are realistic and reflect health of business. 11. Strategy Planning Develop resource allocation plans and implement strategies and policies 12. Technologies Competencies Networking, Network Taps and Data Diode, Host Security (Windows, Unix, Linux), Firewall (Packet Filtering, Application, Database, Web Application), VPN (IPSec & SSL), Distributed Denial of Service Protection, Content Disarm & Reconstruction, Public Key Infrastructure, Encryption (At-rest and in-transit), Data Loss Protection, Data Integrity, User Anomaly Detection, Intrusion Prevention System, Network Access Control, Forward Proxy, Reverse Proxy, Email Security Gateway (anti-spam, anti-virus, anti-malware, sandbox, EBC), Endpoint (Email, Anti-virus, Antimalware), Threat Detection & Response (Endpoint& Network), Vulnerability Management, Web Isolation, Log Management, Security Incident & Event Management, Security Orchestration, Cloud Security, Identity & Access Management, 2-Factor Authentication, Single Sign On, Privileged User Management, Mobile Device Management