Chief Information Security Officer

We are looking for an experienced Cybersecurity Architect to join our team. The successful candidate will design and implement robust security architectures to protect our applications, data, and infrastructure.

• Analyze security requirements and ensure alignment with organizational policies and standards.
• Collaborate with project teams to integrate security controls into the project lifecycle.
• Design and implement secure architecture for cloud environments, leveraging security best practices.
• Ensure compliance with security standards and manage security configurations for resources.
• Develop and enforce security measures for APIs, including authentication, authorization, and threat protection.
• Implement API security best practices and manage API gateways to ensure secure data exchange.
• Design secure network architectures for on-premises environments, including segmentation, firewalls, and intrusion detection systems.
• Architect and oversee the implementation of security measures for eCommerce platforms, ensuring compliance with industry standards and best practices.
• Architect DevsecOPS, CI/CD pipeline.
• Design and support microservice architectures to enhance system scalability, flexibility, Security, and maintainability.
• Collaborate with cross-functional teams IT and security team to understand technical, IT security, and business requirements and translate them into well-architect solutions.
• Support risk assessments and develop mitigation strategies to ensure the security and integrity of data and IT systems.
• Stay updated with the latest trends and technologies in data management, security architecture, and eCommerce platforms.
• Provide technical leadership and guidance to development teams, ensuring best practices in coding, design, and architecture.
• Prepare detailed documentation of architectural designs, security protocols, and implementation plans.

• Minimum of 5-7 years of experience in solution architecture, with a focus on data management and cybersecurity.
• Demonstrated experience in architecture and design solutions using cloud data analysis tools.
• Hands-on experience with security architecture for eCommerce platforms.
• Experience in developing and implementing microservice architectures.
• Familiarity with cloud security, application, database, and API architecture best practices.
• Computer Science or Relevant Degree

• Microsoft Certified: Cybersecurity Architect Expert
• Microsoft Certified: Azure Security Engineer Associate
• Trend Micro Certifications
• Microsoft Certified: Identity and Access
• Certified Data Management Professional (CDMP)
• AWS Certified Solutions Architect

Skills and Competencies:

• Understanding of cybersecurity frameworks (e.g., NIST, ISO 27001) and compliance requirements (e.g., GDPR, HIPAA).
• Knowledge of designing secure networks, applications, and cloud Architecture, including understanding firewalls, VPNs, and micro service architecture.
• Understanding of IAM principles, including user provisioning, authentication, and authorization techniques.
• Familiarity with security tools, such as SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection/Prevention Systems), and endpoint protection.
• Strong design knowledge and experience working with security technologies.
• The ability to verify solutions and gain assurance that they are fit for purpose through demonstrable evidence of controls and testing.
• Strong understanding of the changing threat landscape and how this may affect our systems.
• The ability to challenge concerns and report through appropriate channels.
• Self-drive, motivation, and the ability to work independently to deliver expected outcomes.
• Strong analytical and report writing skills.

• Understanding of API Protocols: Knowledge of REST, SOAP, and GraphQL.
• Authentication and Authorization: Familiarity with OAuth, JWT, and API keys.
• Threat Protection: Implementing rate limiting, IP whitelisting, and DDoS protection.
• Data Encryption: Ensuring data is encrypted in transit and at rest.
• API Gateway Management: Experience with tools like API Management, Kong, or Apigee.

• Azure Services: Proficiency with Azure services such as Azure Virtual Machines, Azure Kubernetes Service (AKS), Azure Functions, and Azure Storage.
• Networking: Understanding of Azure Virtual Networks, Subnets, and Network Security Groups.
• Security Best Practices: Implementing Azure Security Center recommendations and Azure Policy.
• Infrastructure as Code (IaC): Experience with ARM templates, Bicep, or Terraform for deploying Azure resources.
• Monitoring and Logging: Using Azure Monitor, Log Analytics, and Application Insights for tracking and diagnosing issues.

• Azure Active Directory (AAD): Deep knowledge of AAD, including user and group management, conditional access policies, and identity protection.
• Role-Based Access Control (RBAC): Implementing and managing RBAC in Azure to control access to resources.
• Single Sign-On (SSO): Configuring SSO for applications using AAD.
• Multi-Factor Authentication (MFA): Enforcing MFA for enhanced security.