AddressJob Description for:
Information Security Architect:
- Design and implement Security Architectures, frameworks, and standards to ensure the CIA.
- Provide technical leadership and guidance to security engineers, analysts, and administrators in the implementation and maintenance of security controls.
- Monitor and assess emerging cybersecurity threats, vulnerabilities and trends to proactively identify and address potential risks to the organization.
- Knowledge of secure software development frameworks, and libraries (OWASP ASVS, OWASP Top10, ESAPI) to prevent common security vulnerabilities.
- Perform threat modelling exercises to identify potential security threats and risks associated with software designs and implementations.
- Integrate Security testing tools and automation into the CI/CD pipeline to ensure security requirements are validated throughout the development process.
- Implement secure software development methodologies (S-SDLC) such as DevSecOps and Agile Security to embed security into the development lifecycle.
- Experience with security testing tools and techniques including DAST, penetration testing and Fuzz testing.
- In-depth knowledge of security technologies, including Firewalls, IDS/IPS, SIEM, DLP, Encryption, DMZ, Bastion Hosts and IAM solutions.
- Define and document security requirements, specifications, and architecture diagrams for new projects and system enhancements.
- Mentor junior penetration testers and provide training on penetration testing methodologies and tools.
- Hands-on experience with Code review tools, (like Checkmarx, Fortify, SonarQube) and static analysis scanners to identify security weaknesses in code.
Qualification:
- Any post-graduate with Information Technology or Security with good communication skills
- Overall IT experience of 12 to 15 years, with a minimum of 10 years in IT Security, Audit, or Compliance roles.
- Certifications like CISSP, (CSSLP) Certified Secure Software Lifecycle professional or OSCP.
