Chief Security Architect

Job Title: Cybersecurity Solution Architect

Job Summary: We are seeking a skilled Cybersecurity Solution Architect to design and implement secure architecture for our organization.

• 
  
• Design and maintain application, data, and cybersecurity architecture to support security, scalability, resilience, and risk management requirements.
  
• Review and support the security design for new IT projects, ensuring alignment with organizational security policies and standards.
  
• Collaborate with project teams to identify security requirements and integrate security controls into the project lifecycle.
  
• Design and implement secure architecture for Azure environments, leveraging Azure security services and best practices.
  
• Ensure compliance with Azure security standards and manage security configurations for Azure resources.
  
• Develop and enforce security measures for APIs, including authentication, authorization, and threat protection.
  
• Implement API security best practices and manage API gateways to ensure secure data exchange.
  
• On-Premises Network Security:
  
• Design secure network architectures for on-premises environments, including segmentation, firewalls, and intrusion detection systems.
  
• Architect and oversee the implementation of security measures for eCommerce platforms, particularly Magento, ensuring compliance with industry standards and best practices.
  
• Architect DevsecOPS, CI/CD pipeline.
  
• Design and support microservice architectures to enhance system scalability, flexibility, Security, and maintainability.
  
• Collaborate with cross-functional teams IT and security team to understand technical, IT security, and business requirements and translate them into well-architect solutions.
  
• Support risk assessments and develop mitigation strategies to ensure the security and integrity of data and IT systems.
  
• Stay updated with the latest trends and technologies in data management, security architecture, and eCommerce platforms.
  
• Provide technical leadership and guidance to development teams, ensuring best practices in coding, design, and architecture.
  
• Prepare detailed documentation of architectural designs, security protocols, and implementation plans.
  
• Participate in the evaluation and selection of new technologies and tools to enhance the organization's capabilities.
  

Requirements:

• 
  
• Minimum of 5-7 years of experience in solution architecture, with a focus on data management and cybersecurity.
  
• Demonstrated experience in architecture and design solutions using Azure Data Lake and other data analysis tools.
  
• Hands-on experience with security architecture for eCommerce platforms, particularly Magento.
  
• Experience in developing and implementing microservice architectures.
  
• Familiarity with cloud security, application, database, and api architecture best practices.
  
• Computer Science or Relevant Degree
  

Certifications:

• 
  
• Microsoft Certified: Cybersecurity Architect Expert
  
• Microsoft Certified: Azure Security Engineer Associate
  
• Trend Micro Certifications
  
• Microsoft Certified: Identity and Access
  
• Certified Data Management Professional (CDMP)
  
• AWS Certified Solutions Architect
  

Skills and Competencies:

• 
  
• Understanding of cybersecurity frameworks (e.g., NIST, ISO 27001) and compliance requirements (e.g., GDPR, HIPAA).
  
• Knowledge of designing secure networks, applications, and cloud Architecture, including understanding firewalls, VPNs, and micro service architecture.
  
• Understanding of IAM principles, including user provisioning, authentication, and authorization techniques.
  
• Familiarity with security tools, such as SIEM, IDS/IPS, and endpoint protection.
  
• Strong design knowledge and experience working with Trend Micro Vision One, XDR platform, email security, EDR, email security, PAM, IPS, WAF, and DLP technologies.
  
• Strong design and support experience working with Azure/AWS security controls such as Defender, Purview, IAM, Entra ID etc..
  
• The ability to verify solutions and gain assurance that they are fit for purpose through demonstrable evidence of controls and testing.
  
• Strong understanding of the changing threat landscape and how this may affect our systems.
  
• The ability to challenge concerns and report through appropriate channels.
  
• Self-drive, motivation, and the ability to work independently to deliver expected outcomes.
  
• Strong analytical and report writing skills.
  

API Security:

• 
  
• Understanding of API Protocols: Knowledge of REST, SOAP, and GraphQL.
  
• Authentication and Authorization: Familiarity with OAuth, JWT, and API keys.
  
• Threat Protection: Implementing rate limiting, IP whitelisting, and DDoS protection.
  
• Data Encryption: Ensuring data is encrypted in transit and at rest.
  
• API Gateway Management: Experience with tools like Azure API Management, Kong, or Apigee.
  

Azure Architecture:

• 
  
• Azure Services: Proficiency with Azure services such as Azure Virtual Machines, Azure Kubernetes Service (AKS), Azure Functions, and Azure Storage.
  
• Networking: Understanding of Azure Virtual Networks, Subnets, and Network Security Groups.
  
• Security Best Practices: Implementing Azure Security Center recommendations and Azure Policy.
  
• Infrastructure as Code (IaC): Experience with ARM templates, Bicep, or Terraform for deploying Azure resources.
  
• Monitoring and Logging: Using Azure Monitor, Log Analytics, and Application Insights for tracking and diagnosing issues.
  

Identity and Access Management (IAM):

• 
  
• Azure Active Directory (AAD): Deep knowledge of AAD, including user and group management, conditional access policies, and identity protection.
  
• Role-Based Access Control (RBAC): Implementing and managing RBAC in Azure to control access to resources.
  
• Single Sign-On (SSO): Configuring SSO for applications using AAD.
  
• Multi-Factor Authentication (MFA): Enforcing MFA for enhanced security.