Job Tittle: Lead Infrastructure and Network Security Architecture
Location: Lagos
Reporting Line: Head Information Security Architecture & Engineering (Direct Report)
Roles & Responsibilities
Adhere to the Group Information Security Policy and other policies mandated by the Group.
Develop implement and maintain the Group Network Security Standard to ensure endtoend protection of the Group s network including integrations to thirdparty and partner networks.
Develop implement and maintain the Group Infrastructure Security Standard.
Conduct infrastructure and network security assessments on the existing Group network and Cloud environment identify risks and design mitigation measures.
Lead and design network security architecture for the Group to mitigate identified security risks.
Develop maintain and enhance the security reference architecture of asis and tobe security states.
Leads efforts to define develop integrate and design security technical controls in a variety of IT environments and systems
Lead the implementation of infrastructure and network security tools to strengthen the security posture of the Group
Leads efforts to define security product specifications tools and techniques for intrusion detection intrusion prevention firewall policies network data flows encryption of data virtual private network SDWAN and cloud network security controls and policies.
Leads efforts to analyse security designs and recommends design solutions that are industry leading or best practice to lower security risk along with being knowledgeable of national and international requirements.
Mentors technical staff and management on best practices.
Knowledge & Skills
Good working knowledge of SABSA and TOGAF Frameworks.
Good working knowledge of NIST Cyber Security Framework and supporting appendices.
Experience in building security for largescale distributed and critical services.
Extensive knowledge of
o networking LANs/WANs (including VPN wireless MPLS SDWAN and any other network technology.
o firewalls including suitability delivery configuration
o routers/switches network protocols.
o certificates and PKI.
o domain user/group security and permissions.
o load balancers.
o a wide range of related technical solutions including antivirus deception techniques URL filtering (proxies) email security end point security isolation application control.
o a wide range of technical and nontechnical controls and concepts including policies procedures best practices compliance standards
o segmentation and micro segmentation
Extensive knowledge of identifying infrastructure and network related security weaknesses and ability to articulate their risk exposure to technical and business users.
Must have deep knowledge of implementing Network Admission Controls Web Filtering Controls Network Intrusion Detection/Prevention Controls API Security Gateways Web Application Firewalls Network Load Balancers.
Must have extensive knowledge of securing endtoend cloud infrastructure deployments (AWS Azure Google etc.)
Deep knowledge of enterprise network communication concepts principles and architecture.
Experience integrating Cyber Security technologies with existing technologies.
Experience implementing Cyber Security technologies with enterprise wide impact.
High level of personal integrity as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.
Must be able to communicate across all levels of the organization from nontech end user community to csuite audiences.
Must be a critical thinker with strong problemsolving skills.
Ability to work with minimal supervision
Should possess excellent communication and presentation skills
Should be emotionally intelligent
Should possess strong people skills
Must be passionate about contributing to an organization focused on continuously improving consumer experiences