Share this Job

Lead IT Architect (Security)

Date: 10-Jan-2021

Location: Singapore, Singapore

Company: Singtel

Overview

The Security Architect Secures enterprise information by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; mentoring team members.

 

Key Roles & Responsibilities

  • Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
  • Design, build and implement enterprise-class security systems for a production environment
  • Align standards, frameworks and security with overall business and technology strategy
  • Identify and communicate current and emerging security threats 
  • Design security architecture elements to mitigate threats as they emerge
  • Create solutions that balance business requirements with information and cyber security requirements
  • Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
  • Use current programming language and technologies to writes code, complete programming and performs testing and debugging of applications
  • Plans security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.
  • Verifies security systems by developing and implementing test scripts.
  • Train users in implementation or conversion of systems
  • Enhances security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
  • Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
  • Upgrades security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.
  • Prepares system security reports by collecting, analysing, and summarizing data and trends.
  • Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
  • Enhances department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.

 

The Ideal Candidate Should Have Experience In/Be

  • Security architecture, demonstrating solutions delivery, principles and emerging technologies - Designing and implementing security solutions. This includes continuous monitoring and making improvements to those solutions, working with an information security team.
  • Consulting and engineering in the development and design of security best practices and implementation of solid security principles across the organization, to meet business goals along with customer and regulatory requirements.
  • Security considerations of cloud computing: They include data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks.
  • Identity and access management (IAM) – the framework of security policies and technologies that limit and track the access of those in an organization to sensitive technology resources.
  • Experience in information security management and related functions such as IT Risk Management
  • Ability to align business requirements to information security policies
  • Aptitude for translating information security requirements into IT security solution
  • Project management skills
  • Experience with knowledge of
    • Programming languages like Java/J2EE, .Net, Python API/web services, scripting languages and a relational database management system (RDBMS) such as MS SQL Server, Oracle or OSS-based.
    • Relevant National Institute of Standards and Technology (NIST) standards. A system that is not in compliance with the standards set by NIST, along with ISO27001, COBIT and COSO (below), will lack both compliance and adequate security architecture.
    • ISO27001 – specifications for a framework of policies and procedures that include all legal, physical and technical controls involved in an organization’s risk management
    • Control Objectives for Information and Related Technologies (COBIT)
    • Committee of Sponsoring Organizations (COSO) of the Treadway Commission, a joint initiative to combat corporate fraud
    • Windows, UNIX and mainframe
  • Certification in appropriate technologies is an advantage
  • Attention to detail
  • Self-motivated with a positive “can-do” attitude, creative with excellent presentation, communication, negotiation and interpersonal skills including strong persuasive techniques.
  • Proficient in written and spoken English
  • Degree in Computer Science / Computer Engineering / Information Technology related field, or IT equivalent
  • Ability to travel as required.