Security Architect - AppSec and Privileged Access Management

Job Description

Our purpose focuses on how we contribute to society, and how our business decisions can contribute to greater trust and solving important problems. In order to achieve our purpose and deliver a first-class service to our clients, we need first-class supportinternally. The people who power us - our internal teams - have a vital role to make sure we have all the right resources, services and technology to be the best we can be. Not all of us work directly with external clients. Security Solution Architect Job Requirements and Preferences:Basic Qualifications: Minimum Degree Required: High School Diploma Preferred Qualifications:Degree Preferred: Bachelor Degree Preferred Fields of Study:Information Technology, Computer Systems Analysis, Management Information Systems, Computer Engineering, Computer Programming Certification(s) Preferred:CISSP, Certified Information Systems Security Professional, International Information Systems Security Certification Consortium (ISC2) Certification, Microsoft Azure Solutions Architect, or AWS Solutions Architect Preferred Knowledge/Skills:Demonstrates intimate abilities and/or a proven record of success in understanding effective control implementation in the following domains:

• Application Security;
• Cloud & Services Hosting;
• Identity and Access Management;
• Data Protection;
• Borderless Connectivity;
• Endpoint Security; and,
• Cyber Security Operations.

Demonstrates intimate knowledge and/or a proven record of success in security technology in the following areas:

• Understanding of migration or development experience in one of the major cloud platforms;
• Possessing extensive experience in security design review and recommendations;
• Being conversant with ISO 27002:2005/2013 information security standard;
• Having a working knowledge of user and data driven design approaches as well as understanding industry leading practices for key management;
• Demonstrating architectural domain knowledge including cloud application architecture and container-based deployment;
• Understanding established Software Development Lifecycles and methodologies including agile, scrum, iterative and waterfall;
• Analysing Identity access management integration for projects to assure security;
• Identifying complex security vulnerabilities and design compensatory controls;
• Analysing network security controls, including firewall and router security configuration;
• Working in a complex and matrixed organisation;
• Partnering with and enabling the development process to assure that security requirements are met while allowing for maximum speed to market;
• Supporting a leading edge development effort by developing standardised reusable security frameworks;
• Collaborating with multiple stakeholders across functional and technical skill sets;
• Supporting and integrating with key business and strategic priorities;
• Working with developers and application architects to make IT security design recommendations;
• Assuring that effective design of security controls related to people, process, and technology are in place;
• Engaging business and technology stakeholders at all levels to gather long term goals & requirements around system security and usability;
• Aligning business requirements to complex security architecture frameworks: Designing and building security technology solutions aligned to a global central service environment;
• Translating and communicating complex technical topics into practical business terminology both verbally and in writing;
• Managing multiple security assessments and changing priorities, simultaneously; and,
• Understanding the functions applied in the support of and integration with key business and strategic priorities.