My client is looking for a seasoned senior manager from infrastructure architecture background, who can join them and work towards the prject delivery.
The Job
- Enforce "secure-by-design" by participating in application development to ensure security in all phases of project development lifecycle for IT solutions and software products
- Design security solutions in security programmes to implement security tools for projects
- Develop and maintain security and infrastructure architecture (e.g. reference architectures, principles, models, templates, standards and procedures) that can be leveraged by projects and operations by BAU
- Monitor the external information security risk landscape for changes, including applicable legislative or regulatory requirements and ensure appropriate enhancements are made to policies and standards in relation to security architecture aspects
- Ensure security effectively in software development lifecycle (SDLC), including security requirements, secure design, secure coding and security testing
- Evaluate the success of the project, identifying best practices and lessons learned from the infrastructure aspect. Provide feedback to leadership and incorporate this information into future integration plans.
- Create detailed plans for the integration of new systems architecture into existing infrastructure with multi-vendor landscape.
- Lead and direct to prepare governing principles to guide decision making pertinent to infrastructure architecture.
- Communicate and validate program architecture with infrastructure teams, project management teams, and application teams
------------------------------------------------------------------------------------------------------------------------------------About You
- At least 15 years working experience in IT industry with 8 year experience of IT Infrastructure, Network and Cyber Security Architecture with global or regional exposure
- Degree holder or Industry qualification in IT-related disciplines
- Sound knowledge and understanding of latest security tools, security design methodologies, architecture frameworks and security risk assessment methods
- Sound knowledge and understanding of latest infrastructure domain across network, compute, storage, database, end user computing, broadcasting facility and design methodologies & architecture frameworks.
- Relevant professional certifications (such as TOGAF, CITA, EACOE, Certified SOA Architect,) preferred
- Microsoft Certified System Engineer (MCSE) certifications in Windows 2012 or Windows 2016.
- Knowledge of Cisco network and technologies, CCNA(P), CCIE, Linux and Unix
- Knowledge of client-server networking and database management
- Experience in security technologies including web application security, anti-bot solutions, WAF, application layer firewalls, IDS/IPS, SIEM, stateful inspection, TCP/IP, cryptography, authentication, PCI DSS, vulnerability assessment and application penetration testing
- Experience with fundamental Internet protocols: IPv4, BGP, GRE, MPLS, CDN, SSL/TLS, HTTP, FTP, DNS, SMTP, IPSec
- Broad security and technology knowledge including DevSecOps and cloud infrastructure
- Knowledge of ISMS, ISO27000 series, OWASP Top 10 and other major information security frameworks
- Detailed technology knowledge including DevOps and associated products,
- Good understanding of CI/CD pipeline security, API and gateway security, and
private and hybrid cloud infrastructure
- Sound project management experience.
- Strong written and oral communication skills, and the ability to effectively communicate with technical and non-technical audiences
- Experience with web technologies and building enterprise architecture Roadmaps
- Experience designing, integrating and managing complex infrastructure solutions
- Ability to provide technical system solutions, determine overall design direction and provide hardware recommendations for complex technical issues
- Relevant professional certifications (such as CISSP, CISA, CISM, CBCP) Preferred.
