
Security Architect | Top-Tier Investment Bank | Multinational


Job Summary

  • Hong Kong SAR
  • Permanent
  • BBBH828080
  • Sep 13, 2022
  • Competitive
Job Description

A top-tier investment bank is looking for a Security Architect to join the security team, responsible for co-designing the architecture of various IT solutions.

Responsibilities

  • Co-design security architecture of various IT solutions along with domain architects and designers
  • Drive SecArch deep dives with the requestor of the assessment
  • Conduct assessment and provide technology risk/requirements to the requestor. Areas covered:
    • AAA - Authentication, Authorization, Auditing
    • Application Security - Session Security, Vulnerability/Pen Testing items, Input Validation
    • Secure data transport and storage
  • Periodically review security reference architecture (security blueprints) and conduct updates/enhancements
  • Participate in various Operational and Technology Risk governance processes
  • Assist in identifying new areas and opportunities of technology investment for the firm


Requirements

  • Bachelor's degree with a minimum of 8 years of relevant work experience in a high-paced enterprise environment
  • Hands-on Security Design experience in one or two of the following domains: Compute, Storage, Network, End User Technology, Enterprise Security Platform, Mobile, Cloud infrastructure.
  • In-depth knowledge of application, network and platform security vulnerabilities, and the ability to explain these vulnerabilities to developers
  • Experience in conducting Information Security, IT Security and Audit assessments, presenting the outcomes of the assessment and obtaining buy-in
  • Strong focus on reviewing technical designs and functional requirements to identify areas of Security weakness.
  • Working experience in the following application/network security domains:
    • Authentication: SAML, SiteMinder, Kerberos, OpenID
    • Entitlements and identity management
    • Data protection, data leakage prevention and secure data transfer and storage
    • App Security - validation checking, software attack methodologies
    • Cryptography - encryption and hashing
  • Working knowledge of the primary operating systems (Unix, Windows, z/OS, Mac OS), the configuration and management of that platform at an enterprise scale, the security risks to that platform, and how to mitigate those risks.
  • Hands-on experience in designing one of the following technologies:
    • Enterprise Compute: Hypervisor, VMware, OS Hardening, Storage, Database
    • End User Technology: Active Directory, SCCM, Windows Clustering, Instant Messaging
    • Enterprise Security Platform: HSM, PKI, Web Proxy, Endpoint Security, DLP, SIEM, Cyber Analytics
    • Networking: Switches, routers, firewalls, proxies, VPN, and load-balancers
  • In-depth knowledge of web technologies such as Web Browsers, Web Servers, Web Services
  • Previous background in programming, design and application architecture
  • Ability to influence through factual reasoning
  • Strong focus on delivery when presented with short timelines and increased involvement from senior management
  • Ability to adjust communication of technology risks vs business risks based on the audience

Good to have:

  • Experienced in testing tools, at least one of Veracode, Fortify, OunceLabs, AppScan, WebInspect, Burp
  • Experience implementing complex applications in an enterprise environment, which the candidate must have in order to be a practical SecArch Integrator
  • Working knowledge of programming and scripting languages: Java, JavaScript, C#, C/C++, Perl, Python, Ruby
  • DevSecOps, S-SDLC, Agile, CI/CD experience

Other Areas of Expertise:

  • Database design and programming experience
  • Experience of liaising with third-party entities (exchanges, suppliers, regulators)
  • Experience in conducting and/or reviewing penetration tests, dynamic vulnerability assessments and static vulnerability assessments
  • Understanding of geographic regulations and their impact on Security assessments
  • Previous experience in Financial Services is preferred
  • CISSP or other industry qualification


Consultant Details


Elaine Lai
  • Consultant | Technology | Contract Recruitment
  • 3907 3933
  • elai@morganmckinley.com