Cyber Security Architect

Overview:

**_Role Purpose_**
- The purpose of this role is to design the organisation’s computer and network security infrastructure and protect its systems and sensitive information from cyber threats._

**_
- **

**_Do_**
- **_Design and develop enterprise cyber security strategy and architecture_**
- _Understand security requirements by evaluating business strategies and conducting system security vulnerability and risk analyses _
- _Identify risks associated with business processes, operations, _
- information security programs and technology projects_
- _Identify and communicate current and emerging security threats and design security architecture elements to mitigate threats as they emerge_
- _Identify security design gaps in existing and proposed architectures and recommend changes or enhancements_
- _Provide product best fit analysis to ensure end to end security covering different faucets of architecture e.g. Layered security, Zoning, Integration aspects, API, Endpoint security, Data security, Compliance and regulations_
- _Demonstrate experience in doing security assessment against NIST Frameworks, SANS, CIS, etc._
- _Provide support during technical deployment, configuration, integration and administration of security technologies_
- _Demonstrate experience around ITIL or Key process-oriented domains like incident management, configuration management, change management, problem management etc._
- _Provide assistance for disaster recovery in the event of any security breaches, attacks, intrusions and unusual, unauthorized or illegal activity_
- _Provide solution of RFP’s received from clients and ensure overall design assurance_
- Analyse technology environment, enterprise specifics, client requirements to set a collaboration design framework/ architecture
- Depending on the client’s need with particular standards and technology stacks create complete RFPs
- Provide technical leadership to the design, development and implementation of custom solutions through thoughtful use of modern technology
- Define and understand current state solutions and identify improvements, options & tradeoffs to define target state solutions
- Clearly articulate and sell architectural targets, recommendations and reusable patterns and accordingly propose investment roadmaps
- Evaluate and recommend solutions to integrate with overall technology ecosystem
- **_Stakeholder coordination & audit assistance_***
- _Liaise with stakeholders in relation to cyber security issues and provide timely support and future recommendations_
- _Provide assistance in maintaining an information security risk register and help with internal and external audits relating to information security_
- _Support audit of security best practices and implementation of security principles across the organization, to meet business goals along with customer and regulatory requirements_
- _Assist with the creation, maintenance and delivery of cyber security awareness training to team members and customers_

**_Stakeholder Interaction_**

**_Stakeholder Type_**

**_Stakeholder Identification_**

**_Purpose of Interaction_**

**_Internal_**
- Program Manager/Director_
- Regular reporting & updates_
- Infrastructure (CIS team)_
- For infrastructure support_

**_External_**
- Customer_
- To coordinate for all security breaches & resolutions_

**_Display_**
- Lists the competencies required to perform this role effectively: _
- **_Functional Competencies/ Skill_**
- Leveraging Technology - Knowledge of current and upcoming security technologies (e.g. Firewalls, IPS, DDoS, SIEM, WAF, Endpoint etc.) and understanding of compliance regulatory requirement like PCI DSS, HIPAA, etc. **_Expert_**:

- Systems Thinking - Understanding of the Wipro system (interrelatedness, interdependencies and boundaries) and perform problem solving in a complex environment - **_Expert_**:

- Leveraging Technology - In-depth knowledge of and mastery over ecosystem technology that commands expert authority respect - **_Master_**:

- Technical Knowledge - Certified Information Systems Security Professional (CISSP), Cloud Architect Certification from AWS and Azure, ToGAF or SABSA certification-**_Master_**
- Competency Levels_
- Foundation_
- Knowledgeable about the competency requirements. Demonstrates (in parts) frequently with mínimal support and guidance._
- Competent_
- Consistently demonstrates the full range of the competency without guidance. Extends the competency to difficult and unknown situations as well._
- Expert_
- Applies the competency in all situations and is serves as a guide to others as well._
- Master_
- Coaches others and builds organizational capability in the competency area. Serves as a key resource for that competency and is recognized within the entire organization._
- **_Behavioral Competencies_**
- _Effective Communication_
- _Managing Complexity_
- _Client centricity_
- _Technology Acumen_
- _Innovation_
- _Problem Solving approach_
- _Collaborat