Security Architect (PROJ-4315)

Job Duties and Responsibilities

• Use and implementation of products relating to Cloud Identity Management (e.g. Azure Active Directory).
• Architecting and designing Cloud (Azure or AWS) solutions to meet technical and business requirements.
• Collaborating with cross-functional teams to optimize Cloud (Azure or AWS) services for cost, performance, security and reliability; while adhering to best practices and relevant standards.
• Produce high-level architecture artefacts for communication purposes (e.g. representations of current and to-be state architectures).
• Develop solution designs across corporate (ERP/HCM etc), SaaS, PaaS, and Hybrid/Cloud technologies.
• Lead governance and compliance of solution implementation to ensure conformance with the design and develop end-to-end solutions and architectures that drive positive business outcomes.
• Review and provide quality assurance of solution architecture provided by external vendors and suppliers.
• Lead evaluation of new technologies including management strategies and remediation actions for various platforms.
• Provide input to the strategic direction of technology investments that maximise return and minimise risks.
• Provide technical guidance to Data and Integration teams to support the delivery of new project initiatives.
• Provide thought leadership to business and the IT community on how to better use technology to address business and IT-related complexities.
• Working closely with the industry cloud provider to architect feasible and viable solution architectures.

Technical skills required include:

• Deep understanding of micro services architecture, security configurations, and integrated hybrid architectures.
• Experience gathering technical requirements, provide solution and producing quality technical designs.
• Strong knowledge and understanding of Cloud (Azure or AWS) Infrastructure-as-a-Service (IaaS) features, such as Virtual Machine (VM), Virtual Network (VNET), Virtual Private Network (VPN), Express Route.
• Strong knowledge and understanding of Cloud (Azure or AWS) Platform-as-a-Service (PaaS) features.
• Strong Knowledge and experience in Cloud backup and disaster recovery including experience with multi-cloud platforms (Azure, AWS, GCP), various corporate systems, infrastructure and security.
• Experience with assessment, development, implementation, optimisation, and documentation of a comprehensive and broad set of security technologies, automation, and processes on secure
• Ability to develop and execute long-term strategies for cloud and infrastructure alignment with business objectives.
• Strong analytical abilities with a record of delivering innovative solutions.
• Familiarity with Cloud Security Architecture in AWS and/or Azure is desirable.

Essential criteria

• SCTY5 Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards. Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems. Investigates major breaches of security, and recommends appropriate control improvements. Contributes to development of information security policy, standards and guidelines.

• INAS5 Interprets information assurance and security policies and applies these in order to manage risks. Provides advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards and guidelines. Uses testing to support information assurance. Contributes to the development of policies, standards and guidelines.

• DESN5 Specifies and designs large or complex systems. Selects appropriate design standards, methods and tools, consistent with agreed enterprise and solution architectures and ensures they are applied effectively. Reviews others’ systems designs to ensure selection of appropriate technology, efficient use of resources, and integration of multiple systems and technology. Contributes to policy for selection of architecture components. Evaluates and undertakes impact analysis on major design options and assesses and manages associated risks. Ensures that the system design balances functional, service quality, security and systems management requirements.

Desirable criteria

• SCAD5 Monitors the application and compliance of security operations procedures. Reviews actual or potential security breaches and vulnerabilities and ensures that they are promptly and thoroughly investigated. Recommends actions and appropriate control improvements. Ensures that security records are accurate and complete and that requests for support are dealt with according to agreed procedures. Contributes to the creation and maintenance of policy, standards, procedures and documentation for security.

• VALUS4 Collates and analyses catalogues of information and technology assets for vulnerability assessment. Performs vulnerability assessments and business impact analysis for medium complexity information systems. Contributes to selection and deployment of vulnerability assessment tools and techniques.