Description
Security Solution Architect, Hong Kong, 6-12 month contract
Reporting to the Lead Solution Architect, the Security Solution Architect is responsible for defining the target state architecture for a major information security management project. The project will deliver identity and access management platforms and network security infrastructure solutions.
Mandatory requirements:
- Candidate has lead, or significantly contributed to, enterprise projects to deliver security information management solutions
- Candidate has work experience in a Security Architect or Security Solutions Architect role preferably in a MNC.
- Candidate has previous experience working in global, large-scale security projects
- Candidate has lead or made significant contributions to projects in at least two of the following areas: Identity and Access Manager, Web/E-commerce security, Security Information and Event Management or Network and Data Centre security.
- Candidate is familiar with threats, vulnerabilities, and exposures across diverse systems, and successfully communicates this data in terms of operational risk and business relevance
- Candidate has a recognised industry certification from one of the following: ISC2, ISACA, and SANS/GIAC
Required experience
- Complex security solution design experience including cross-platform, geographically distributed and multi-data centre operations
- Product knowledge and implementation experience with vulnerability management, SIEM, IAM, IDP, remote access, PKI, NAC, web filtering, anti-malware, DDoS, wireless and mobile security
- Developing a security operations framework, including authoring incident identification and response procedures, designing security monitoring tools and privileged access management
- Demonstrated knowledge and experience in network security architecture and network perimeters, including the definition of security zones and policies
- Product knowledge and project implementation experience with major security solution vendors such as Cisco, F5, TippingPoint etc.
- Researching, authoring and implementing security configuration standards across multiple platforms such as operating system and database platforms
- Preparing RFI/RFP submissions for information security management solutions
- Interpreting and applying appropriate Standards, Policies and Legislation, eg ISO27001, PCI DSS, COBIT, SOX, data privacy laws, etc
- Risk management knowledge and skills, eg ISO 31000
- Experience in balancing security controls and network performance
- Disaster recovery or business continuity planning experience
- Understanding of cloud security concepts and technologies
- Exposure to MSSP environments
- Exposure to IT GRC concepts and tools
All living and accommodation costs are to be met by the contractor. You will be provided with one return flight paid for by the client.