Information Security Architect

A technical Information Security Architect job has just become available in a well-funded fintech company in Jakarta, Indonesia.

About the Information Security Architect Role:
In this role, you will automate security testing and auditing to prevent regressions and catch issues before they reach production.

Key Responsibilities:

• Codify traditional security processes to take humans out of the equation, making security consumable as a service
• Provide security expertise on system, network, encryption, authentication, and governance
• Provide hands-on supports to the Product Engineering, Service Delivery and Operation teams, Incident Response team, and Architecture Development team, including monitoring and capacity planning
• Act as the senior technical representative for enterprise security while engaging with other senior technical leaders throughout organisation in design and implementation of cloud and cloud/hybrid based implementations and solutions
• Drive the security standards and tool strategies for public and private cloud solutions
• Conduct technology assessments to establish and validate an enterprise security baseline and establish a technical direction
• Set technical standards for cloud infrastructure, containers, security baselines, policies and procedures
• Develop and implement security controls for cloud infrastructure providers
• Analyse security configurations and provide vulnerability reports
• Apply your experience with cloud services, know the pitfalls and potential security problems with traditional cloud deployments
• Participate in automation of incident prioritisation, false positives identification, correlation, vulnerability remediation

To be succeed in this Information Security Architect role, you must have experience in risk, compliance and information security policy development.

Key Requirements:

• Bachelor’s degree in Computer Science, Information Systems, or equivalent education or work experience
• At least five years of prior relevant experience
• Experience in risk, compliance and information security policy development
• Knowledge of IT processes and controls and strong understanding of risk and control frameworks such as (CoBIT, ISO, NIST, ITIL, PCI)
• Knowledge of information security regulatory requirements and standards such as ISO 27001/2, SANS top 20 and NIST 800-53
• Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP and/or SIEM-specific training and certification
• Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements
• Hands-on experience analysing high volumes of logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations
• Experience with vulnerability scanning solutions
• Familiarity with the DOD Information Assurance Vulnerability Management programme
• Proficiency in any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security
• In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk)
• Understanding of mobile technology and OS (e.g. Android, iOS, Windows), VMware technology, and Unix and basic Unix commands

This company is a well-funded and stable fintech firm that has offices in Jakarta and Singapore.

If you are a passionate and experienced in information security, this Information Security Architect role is right for you.

Apply today or contact me to learn further.

Due to the high volume of applications we are experiencing, our team will only be in touch with you if your application is shortlisted.