Infrastructure Security Architect

Position Summary:
The Infrastructure Security Architect provides leadership on security subject matter through design & delivery of infrastructure solution architectures and development of standards & reference architectures. The Infrastructure & Security Architect provides the bridge between the domain architects and the solution architects to ensure the technology infrastructure meets the goals of scalability and complexity reduction and supports the roadmaps defined by solution architect.
Responsibilities:
• Gaining an understanding of our Current State and Target State Architecture and then working to define a strategy for our technical direction around security.
• Gather and analyze requirements from product owners.
• Develop Security Architecture for highly scalable and fault-tolerant applications that adhere to expected standards and discipline from a security posture.
• Provide technical and architectural oversight for systems and projects that are required to be reliable, massively scalable, highly available (99.999% uptime), and maintainable.
• Technical expertise in multiple disciplines within IT Infrastructure and Information Security, including: networking, virtualization, cloud computing, application security & databases
• Provide security architecture and advice in support of application security, IT infrastructure, and enterprise technology projects to ensure the integrity of the bank is protected.
• Assess project requirements related to application security, IT Infrastructure including correlation with bank's security policy and standards.
• Define, document and implement the infra & security architecture for the IT projects including but not limited to the following
1. Authentication & authorization
2. Account administration controls (provisioning, segregation of duties, validation, attestation, etc.)
3. Auditing of critical security related events
4. Confidentiality, Integrity, and Availability of the system and data.
• Align IT architecture with the bank's technology roadmaps
• Identify architectural and other security risks associated with the solution, and compensating controls where necessary.
• Identify any gaps in existing application security & infrastructure to meet project requirements and work with relevant stakeholders to mitigate the risks.
• Promote and deliver well organized IT infrastructure framework to reduce IT costs and enhance systems' performance
• Responsible for leading infrastructure assessments, making decisions on threat modeling and proper security service design and implementation.
• Acts as expert for infrastructure teams in the plan, design, and delivery of IT solutions
• Advises teams of IT technology standard requirements, methodology and processes
• Participates in proof of concepts to assist in defining technology direction and enabling business strategy.
What we are looking for
• Must have experience around Enterprise Security Architecture Security, Security Strategy and Compliance Consulting Experience creating and audit of security best practices and implementation of security principles across the organization , to meet business goals along with customer and regulatory requirements,
• Understanding of compliance regulatory requirements like ISO,PCI DSS, NESA etc.,
• Must have experience around design of security controls and product best fit analysis to ensure end to end security covering different areas of security architecture :
o Layered Security
o Zoning
o Integration aspects
o API Security
o Endpoint Security
o Data Security
o Compliance and regulations
o Threat Intelligence
o Threat Exposure & Incident Management aspects
• Must Possess strong presentation , written and verbal communication skills
• Industry Security Certifications like CISSP, CISA, CISM, CSRIC, TOGAF,SABSA etc., are preferred
• Good Understanding & Must have experience in implementing Cloud Security Controls
• Good Understanding of Cloud Platforms especially AWS and Azure
• Hands-on knowledge on designing deployment architectures on Cloud (AWS / Azure)
• Hands-on knowledge on coming up with a TCO for cloud deployment for a given architecture.
• Good Understanding of Dockers, Containers and Kubernetes
• Good Understanding of SDN technologies like ACI.
• Good Understanding of REST, SOAP Protocols, Web services etc.,
• Good Understanding of Symmetric and Asymmetric, Cryptography algorithms.
• Experience on Cloud Ops