太原招聘

Job Description

Security Architect is responsible for delivering large-scale, complex security programs and integrating processes and technology to help the client achieve information security and protection under business change. The architect is responsible for designing robust security architecture and solution to meet client requirement. With solid knowledge on security solution and architecture, the architect can help client propose and evaluate the potential solution, design the detail mechanism, determine the most cost effective security architecture to achieve highly information protection under changing and risky internal and external environment.

Key responsibilities may include
Design the common security architecture asset including framework, principle, guideline and template to guide the delivery team or vendor realize an optimal security solution.
Design the detailed security architecture includes security blueprint, security standard, security level, security governance, audit, I&AM mechanism etc.
Design optimal security solution to fulfill the security requirement.
Define the product selection standard, and lead the technology evaluation and product selection activities.
Identify the gap between security requirement and security architecture, propose solution to resolve or shorten the gap.
Shaping and leading large-scale security solution full lifecycle implementation activities.
Evaluate and review the security solution proposed by vendors during design, install, test and go-live phase.
Manage delivery team or vendor to achieve project objective and establish the KPI to monitor the progress, risk and issue.
Plan and manage security diagnosis and assessment activities and define high-level program/action plans.
Recognize and handle the risk, control the deliverable’s quality and resolve the technical issues.
Plan and manage technology design activities.
Plan and manage security related capacity planning activities.
Envisioning new and innovative approaches and predicting probable business outcomes.
Influencing client direction based on security architecture design.
Establishing acceptance of designs with client executives.

Professional Skill Requirements
Deep experience on common security technology includes:
Security Technology
Security Testing Method and Tools
Security Architecture
Security Assessment
Security Standard
Common Information Security Framework
Web Security Protection e.g. SQL injection, XSS, CSRF etc.
System Hardening Method
Network Security Solution e.g. AD, LDAP, Firewall, IDS, Anti-virus, IPS, Vulnerability Assessment Tool etc.
DR and BCM

Be familiar with the common security requirement.
At least 2 years consulting firm experience.
At least 3-5 large scale security planning and implementation projects experience in last 5 years (As lead architect).
At least 8 years working experience with 6 years focus on security architecture era.
Professional certification e.g. ISO27001, CCIE-security, CISSP, Security+ is preferred.
BS in Computer Science or related, MS preferred.

Other Skill Requirements
Proven ability to build, manage and foster a team-oriented environment.
Proven ability to work creatively and analytically in a problem-solving environment.
Proactive working attitude.
Proven industry background especially in, insurance, banking, capital market.
Excellen