Information Security Architect – Cloud
Job Description
JOB DESCRIPTION
Role: Information Security Architect – Cloud
Location: ADIB UAE
ROLE PURPOSE:
Reporting to the Head of Information Security Engineering, the Information Security Architect – Cloud will design and manage the cloud security function. The incumbent will be closely working with CISO and other management team in GISD, and would be accountable to identify and protect all the ADIB's data and resources in cloud from internal and external threats. The role will be accountable for designing of the right solution to right resource to prevent unauthorized access to all ADIB data in cloud from internal & external threats.
He will be responsible for co-developing and executing the strategy, partnering with various teams, leading the workforce and ensuring that confidentiality, integrity and availability of ADIB data in cloud is not compromised:
. Development/refinement of strategy, policy, regulatory compliance, risk identification and mitigation, cloud security architecture and standards.
. Act in an internal consultant role and will analyse, recommend, develop, implement and maintain systems in cloud and processes that protect business and client information.
. To work as an individual and in a multi-disciplinary team environment to identify security gaps, develop controls. determine functional and non-functional security requirements and design solutions that meet business objectives while complying with security standards.
. Lead and govern implementation of cloud security solutions like Cloud Management Platforms, Cloud Workload Protection and Cloud Access Security Broker Platforms
. Build cloud security roadmap and plan, coordinate and drive the design, development and implementation of cloud protection solutions including
KEY METRICS:
. # of information security applications/systems & systems evaluated/assessed
. # of GISD projects and initiatives participated in
. # of risks identified and controls recommended for existing or new application and systems
. # of key performance indicators deployed and monitored
. # of BIAs and risk assessments participated in
Key Accountabilities of The Role
. Guide the design and implementation of secure cloud solutions and services across business and IT support areas.
. Driving the successful configuration and implementation of cloud security solutions to minimize the overall risk.
. Understand the tactics, techniques, and procedures utilized by threat actors to develop a more comprehensive overall cloud security posture.
. Conduct individual, independent security reviews of vendor proposals, review security architectures and recommend modifications to the information security operation to evaluate risk reduce costs or improve service.
. Develop a thorough understanding of existing ADIB networks and security controls and access levels yielding a preliminary system security concept of operations, including baseline security capabilities and requirements.
. Serve as cloud security subject matter expert, trusted advisor provide advisory and consulting services as needed to various department and project teams.
. Determine appropriate levels of system availability based on critical system functions and user access requirements: provides input on system requirements to address appropriate disaster recovery and continuity of operations requirements
. Evaluate acquisition documents against existing and proposed security architectures and designs.
. Lead cloud architecture security program, including the development and implementation of effective security design across all ADIB systems and platforms. Enforce and establish cloud security configuration baselines and security patching for all applications, systems, databases, OSs, and network assets.
. Meet with project teams and other system architects to develop system designs and project plans that include the appropriate security controls and meet security standards.
. Prepare cost estimates and identify security opportunities and issues.
. Develop cloud security architecture and frameworks (including requirements, design patterns, and other artefacts) for use in aggregating comprehensive security architecture baselines to enhance the security posture throughout ADIB.
. Understand current as well as emerging security threats and design security architecture to mitigate threats where possible.
. Overseeing and approving the cloud security architecture requirements, projects, vendor selection, and controls in order to maintain a unified vision
. Design, manage, and socialize a unified cloud Security Blueprint for technology functionality and business capabilities, in alignment with the overarching ADIB information security strategy and policies.
. Acts as information security liaison with all levels of the IT organization and with the lines of business and other internal departments and organizations. Participate as part of the contract review team for those contracts with IT or IT security implications.
. Make recommendations for standard contract language related to cloud security functions and/or requirements and provide technical stakeholders across the enterprise with architectural guidance from high-level design to detailed hands-on implementation of security controls The competencies required to undertake this role and the level at which performance would be assessed as being satisfactory are:
Specialist Skills / Technical Knowledge Required for This Role:
. BA/BS degree in Computer Science, Information Security or related field of study. A master's degree is a surplus.
. Must have a strong understanding of AWS and Azure cloud architecture, firewalls, Intrusion Detection Systems, web filtering, audit and log management, physical security control systems, real-time systems, and common operating systems.
. Knowledge of security technologies, processes, systems/applications, and familiar with banking & financial institutions applications used for: mobile & online banking, ATMs, payments, treasury, and trade finance…etc.
. Knowledge of security engineering, system and network security, authentication and security protocols, cryptography, and application security
. Knowledge of TOGAF, SABSA, ISO 27001, NESA, PCI DSS, SWIFT and other security standards and regulations
. Background in securing multi-tenant cloud and big data services, and/or designing separation controls in cloud systems.
. Familiarity with large-scale cloud migration programs.
. Understanding of security requirements and controls around Continuous Delivery / Continuous Integration.
. Possesses strong business acumen, understanding contract negotiations, budgetary disciplines, issues resolution, and be able to influence and collaborate with colleagues
. One or more of the following technical certifications: TOGAF, CCIE, CCSP, CISSP, CISA, CISM, CRISC, CGEIT, ITIL,etc.
Previous Experience:
. 7-12 years experience working within the information security and/or architecture disciplines
. 2-5 years of experience on designing and securing the cloud infrastructure and application in leading banks or financial institutions with a focus on data security
. Extensive relevant professional work experience including implementation of complex cloud migration programs,
. Experience in independently running security initiatives/projects for large global enterprise
. Planning, organizational, and motivational experience
. Experience drafting in technical and non-technical formats
. Experience presenting both extemporaneously and in formal settings
. Experience in root cause analysis, industry benchmarking, survey evaluation and data interpretation
. Experience in the areas of emergency/disaster management, physical security, critical incident stress management, risk management and business resiliency
. Experience with emergency procedure protocols and regulatory interfaces
Job Details
Employment Types:
Full time
Industry:
Banking / Accounting / Financial Services
Function:
Manufacturing / Engineering / R&D