Security Architect

Job Scope / Position Summary

A Security Architect is responsible for designing, building, testing and implementing security systems within an organisation's IT network. A Security Architect is expected to have a thorough understanding of complex IT systems and stay up to date with the latest security standards, systems, and authentication protocols, as well as best practice security products.

The security architect's responsibilities include reviewing our current security measures, recommending enhancements, identifying areas of weakness, and responding promptly to possible security breaches. You will also be responsible for conducting regular system tests and ensuring the continuous monitoring of the network's security.

To be a successful security architect, you should be experienced in information security and IT risk assessment, with a strong understanding of security protocols, authentication, and security. You should also possess strong interpersonal and communication skills, and be able to work with a wide variety of people.

Main Responsibility

1. Gaining a total understanding of the organization's technology and information systems

2. Planning, researching, and designing reliable, powerful, and flexible security architectures for all IT projects

3. Performing vulnerability testing on the completed infrastructure, including risk analyses and security assessments

4. Researching the latest security standards, new security systems, and updated authentication protocols

5. Defining, creating, implementing, and maintaining all needed corporate security policies and procedures, making sure that all employees abide by them

6. Developing requirements for all IT assets including routers, firewalls, local area networks (LANs), wide-area networks (WANs), virtual private networks (VPNs), and any other related network devices

7. Reviewing and approving the installation of all firewalls, VPN, routers, servers, and IDS scanning technologies

8. Preparing cost estimates for all cybersecurity measures and identifying any potential integration issues

9. Designing critical public infrastructures (PKIs), including digital signatures and certification authorities (CA)

10. Testing the organization's final security structures to make sure they function as planned.

11. Providing technical guidance and supervision for security teams

12. Taking charge of any security awareness programs and educational efforts to better prepare non-IT personnel

13. Responding immediately to any security-related incidents (e.g., data breaches, viruses, phishing scams) and providing a complete post-event analysis once there is a resolution

14. Updating and upgrading the organization's security systems as needed

Qualification and Experience Requirement

• Bachelor's degree (or equivalent) in IT
• 7 to 10 Years IT Experience
• Understanding of ISO 27001/27002, ITIL, and COBIT frameworks
• A grasp of perimeter security controls such as firewalls, IDS/IPS, network access controls, and network segmentation
• Network security architecture development and definition
• Experience with the various aspects of wireless security such as routers, switches, and VLAN security
• Knowledge of security concepts related to DNS, including routing, authentication, VPN, proxy services, and DDOS mitigation technology
• An understanding of third party auditing and cloud risk assessment methodology