Lead network security architect
Responsibilities:
· Participate in global security architecture forum on global network security solutions for zero-trust and micro-segmentation.
· Working with the Network engineering team and voice team, embed network security controls into network, network security and voice service solutions.
· Design/review cloud network security architecture for new data centers.
· Define or review security hardening standards for various infrastructure technologies. Review effectiveness of hardening compliance checks.
· Classify subnets into zones and subzones for network security policy enforcement.
· Assist implementation of new zero trust micro-segmentation solutions such as defining use cases, trust zones, defining policies, approving exceptions.
· Working with the project risk assessor and the project team, proactively identify security risks in infrastructure design and implementation projects.
· Review and document current system security measures and recommend enhancements.
· Establish and automate a process for annual review of firewall rule and cloud network security ACLs.
· Lead network security remediation projects.
· Enhance micro-segmentation for cloud network.
· Design automated process for continuous monitoring of network security.
· Review, assess vulnerabilities affecting network and voice systems managed by the network team.
· Perform annual RCSA exercise with the network team to check compliance with all security standards across all products.
· Provide oversight and guidance to the network team to measure if all expected security controls are established and operated effectively.
· Be a facilitator in network security audit.
· Respond to regulatory inquires on network security matters.
Requirements :
· Information security (CISSP, CISM, SANS) and auditing (CISA) designations.
· A minimum of 10 years of experience in progressively responsible IT security roles.
· Broad knowledge of security architecture and controls in various infrastructure platforms (e.g. hosting networking, end user technology, cloud computing including Infrastructure as a Service (IaaS) and Platform as a Service (PaaS).
· In-depth knowledge and experiences on network security aspect of zero-trust strategy and its implementation.
· In-depth knowledge and experiences on networks security related processes and controls, products, features, especially on cloud network security.
· Ability to challenge the status quo, assess business risk and make appropriate decisions. Ability to deal with a constantly changing environment and the diverse and complex issues associated with it.
· Good understanding of IT Governance and Risk Management
· Collaborating with management to obtain a consensus on establishing the problem, risks exposure, and corresponding recommendation to resolve the risk exposure.
· Excellent skills required for interacting with cross functional teams in different locations. Demonstrated ability to work effectively in diverse environments and cultures, across a number of office locations.
· Demonstrated ability to deal effectively with staff at all levels from engineers to AVPs.
· Ability to manage multiple tasks for multiple stakeholders which will need to be prioritized. Results oriented; ability to balance multiple priorities and projects.
Argyll Scott Asia is acting as an Employment Agency in relation to this vacancy.