Senior Solution Architect (40001087)

Job Purpose

The job holder will work with the following high-level responsibilities:
- Design & govern a reliable modern enterprise security architecture / technology stack and ensure its alignment with overarching Enterprise Architecture guiding principles
- Research, build and consult security standards, best practices and high-level solution blueprints
- Regularly assess and identify improvement areas of existing security systems and required applicability of new technology

Key Accountabilities (1)

'Standardization & Governance:
- Develop and maintain the bank's security architecture framework and strategy
- Develop and maintain security policies, standards, and procedures for the bank.
- Conduct security assessments and audits to ensure compliance with security policies and standards.

Initiative / Project Delivery & Operation:
- Collaborate with other IT teams to design and implement security solutions across multiple business units and locations.
- Being part of the delivery team and ensure compliance with relevant security regulations and standards across the bank.
- Develop and maintain relationships with internal and external stakeholders to promote security awareness and best practices.
- Participate in incident response and forensic investigations for large-scale indicdents.

Key Accountabilities (2)

Improve Status Quo:
- Identify potential security risks and develop risk mitigation strategies for complex and large-scale environments.
- Evaluate emerging security technologies and make recommendations for adoption across the organization.

Key Accountabilities (3)

Other Accountabilities:
- Organize training, career development orientation for employees, foster and build human resources for the department.
- Perform other related tasks at the request of line manager.

Success Profile - Qualification and Experiences

'Qualifications
- Bachelor's or Master's degree in Computer Science, Information Security, or related field.
- Professional security certifications such as CISSP, CISM, CCSP, or GIAC are highly desirable.
- Strong understanding of security principles, technologies, and practices.
- In-depth knowledge of relevant regulations and compliance standards, such as PCI DSS, etc.
- Experience in TOGAF would be a plus.

Work Experience
- Minimum of 8 years of experience in the information security field, with at least 5-7 years in a security architecture role.
- Proven experience in developing and implementing security architecture frameworks and strategies for large, complex environments.
- Experience with leading security architecture teams and managing security architecture projects.
- Experience with security technologies such as cloud security, container security, and micro-segmentation, firewalls, intrusion detection/prevention systems, vulnerability scanners, and security information and event management (SIEM) systems in large environments.
- Proven experience in implementing security solutions across multiple business units and locations.

Foreign Language
- Good English communication

Other requirements
- Experience in Agile Product Development