Principal Security Architect
Security
職務概要
● Design & Implementation: Design and assist in the implementation of network and computer security. Maintain and enforce security standards, blueprints, and patterns. ● Risk Management: Liaise with business and IT stakeholders to clearly communicate and treat risks, ensuring compliance with security standards. ● Project Involvement: Review IT Security feedback on business cases, participate in solution design discussions, and ensure high-level designs address security risks. ● Security Requirements: Create and maintain security architecture requirements, standards, blueprints, and patterns. Review and approve low-level design documentation. ● Testing & Verification: Facilitate penetration testing activities, ensure proper scoping and communication of results, and verify that security activities meet requirements. ● Change Management: Serve as a key member of the Change Advisory Board, ensuring compliance with security standards during changes and emergency implementations. ● Collaboration: Collaborate with Cybersecurity stakeholders (e.g., Cyber Risk Management, Security Engineering) to ensure timely and high-quality execution of security activities. ● Leadership & Strategy: Contribute to the Information Security strategy, provide education and awareness on security standards, and support Mergers, Acquisitions, and Divestment (MAD) activities. ● Compliance: Ensure adherence to Information Security policies and standards, author/review such policies annually, and manage complex integration issues across multiple vendors..
必要なスキルと経験
Technical Expertise: ● Proficiency in frameworks such as TOGAF and/or SABSA. ● Strong understanding of NIST Cybersecurity Framework, NIST Secure Software Development Framework, and threat modeling frameworks (e.g., STRIDE). ● Advanced knowledge of encryption protocols, network security, mobile security, and cloud architecture. ● Strong understanding of layered security and application layer vulnerabilities. Experience: ● At least 7-10 years in a security-related role, preferably in a regulated environment. ● Significant experience with risk management methodologies and managing an Information Security Management System (ISMS). ● Experience in presenting security topics at conferences. ● Proven problem-solving skills and the ability to work within a multidisciplinary team. Certifications: ● Relevant certifications such as (ISC)² CISSP, ISACA CISM/CISA/CRISC, SANS GIAC, ISO27k LA/LI. Soft Skills: ● Strong communication and report-writing skills, with the ability to relate technical issues to non-technical associates. ● Proven ability to drive high security standards across an organization. ● Ability to maintain composure under pressure and work calmly during emergencies. ● Strong vendor management experience. Knowledge: ● Familiarity with laws, regulations, industry standards, and guidance related to Data Protection and Information Security. Additional Skills: ● Solid awareness of the current threat landscape and modern solution architectures, incorporating zero-trust principles. ● Knowledge of operating systems (Windows, Unix, Mac OS) and cloud service provider technologies. Language: ● English proficiency is required.
この求人に応募する理由
● Working in an international, dynamic and professional environment with many opportunities to develop career. ● Having opportunities of being trained oversea and working directly with oversea customer. ● A stable and rewarding position where your long-term commitment will be highly valued. ● Technical & Soft skills internal training courses. ● Many company activities (Sport and music festival, TMA Futsal league …) are held annually. ● Competitive salary and bonus. ● Total Health Care Insurance. ● Loan Fund. ● Team Building Fund.
類似の仕事
チャット
