الوصف الوظيفي
OVERVIEW:
Secure enterprise systems and applications by determining security requirements, planning, designing, and architecting, implementing, and testing security systems, preparing functional security standards, baselines and guidelines and mentoring team members.
ROLES & RESPONSIBILITIES:
Collaborate closely with QF entities and vendors to gather information security requirements, understand assets and solutions requirements by the business.
Review, evaluate and propose effective and efficient cyber security solutions to meet QFIT objectives and solve problems.
Capturing and translating well-defined customer security requirement into high-level solution or components design.
Translating high-level solution and component designs into low-level designs and implementable configurations.
Ensure delivery of the security solutions relevant to SOW or RFPs and participate in the tendering process such as technical evaluation.
Review existing architecture, identify design gaps, and recommend security enhancements and ensure it is aligned with QF Cybersecurity strategy and control Framework
Review and assess the documents (technical proposal, HLD, LLD) of new and upgrade projects to ensure the necessary security controls and integration requirements are taken into considerations within the design stages of the projects.
Collaborate closely with the other teams including Strategy, Solutions, Architecture, Operations, Governance & Security and Applications to ensure that the security requirements are well identified and captured.
Research and provide subject matter insights and advice on security solution that would augment the controls and improve user experience across the organization and its client.
Understand current and emerging security threats and design security architecture to mitigate threats where possible.
Stay abreast of new security technologies and integrate them into security architecture design where appropriate.
Work closely with governance and security team to develop and review information and align to the Information security management system.
Lead, access and recommend the security control requirements for complete environment.
Contribute in preparing budgets for the security solutions and provide accordingly inputs for the yearly organization budgets business plan.
Member of EAB (Enterprise Architecture Board) and Internal Change management meetings.
Keeps IT Solution & Architecture and IT Governance Security Manager aware of key security issues, identifying and resolving potential problems and conflicts.
Recommends changes that impact the strategic direction.
Consults with project teams to ensure compatibility with existing solutions, infrastructure, and services.
Coordinates Security architecture implementation and modification activities.
Review frameworks, process models and interactions with users and other systems.
Review policies and procedures as needed.
Create well-defined Security Architecture for the environment.
Act as the technical authority for assessment and approval of specifications for solution construction or change.
المهارات
SKILLS & COMPETENCIES:
Ten years (10) plus years of experience in IT security design, Architecture, implementation, and consulting.
Must have a specialization in areas of Cyber domains such as Identity Access Management, Cloud Security, Network security, platform, application, and database security with a broad understanding of other areas.
Leadership, project, and team building skills, including the ability to lead teams and drive projects and initiatives in multiple departments.
Demonstrated the ability to identify risks associated with business process, operations, information security programs and technology projects.
The ability to enterprise security subject matter expert who can explain technical topics to those without a technical background.
Skilled in Agile/Scrum methodology.
Understanding of IT security standards and frameworks - NIST, 1SO27OO1, PCI-DSS, COBIT, SANS and COSO.
Understanding the framework for enterprise architecture such as TOGAF, SABSA, OR Zachman.
Knowledge of networking concept, technology, and its protocols.
Knowledge of servers/ systems, applications, and database.
Stay up to date with the latest security products and IT threats.
Excellent analytical and problem-solving skills are relevant.
Effective presentation skills and expert knowledge in using tools such as MS office, Visio, and other design tools.
Reviews of the network security measures of the company and recognize potential threats and provide risk reduction and mitigation plan.
EXPERIENCE:
Minimum 5 Years’ Experience Managing Security Devices/solutions.
7+ years of experience in a technical infrastructure or systems role prior to security experience within the network discipline
A solid understanding of information security’s role in an enterprise network.
Excellent analytical, problem-solving, and decision-making skills
Experience with multiple security vendors, such as Fortinet, Cisco, and Paulo Alto.
Direct, hands-on experience or strong knowledge of managing security infrastructure - e.g., Firewalls, intrusion prevention system (IPSs), web applications firewalls (WAFs), endpoint protection, encryption, technologies, SIEM and log management technology, and APT.
Experience in cloud computing security design and architecture (Azure and Oracle).
Technical experience with Cloud environments (IaaS, PaaS, and SaaS).
Experience with Microsoft 365 security.
Experience with EDR/XDR solutions. Experience with CASB solutions.
Experience in developing security architecture and principles in designing and implementing security solutions.
Multi-vendor and industry experience preferred.
Good experience in the development and design of security best practices and implementation of solid security principles across the organization, to meet the business goals along with customer and regulatory requirements.
Verifiable experience reviewing application code for security vulnerabilities.
Direct, hands-on experience or a strong knowledge of vulnerability management tools. Experience and a strong working knowledge of the methodologies to conduct threat-mode ling exercises on new application services.
EDUCATION:
Bachelor’s Degree in Information security, or related fields.
A Master’s Degree in cyber security is a plus.
Must be TOGAF Certified.
Must be CISSP Certified.
Should have one or more security professional certificates such as GDSA, CREST, ISSAP, Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), etc.
Other preferred certifications:
SCRUM Certified.
CCIE Security
Azure Security (AZ-500)
Microsoft 365 Security (MS-500)
Microsoft Azure Fundamentals (AZ-900)
Microsoft Security, Compliance, and Identity Fundamentals (SC-900).
تفاصيل الوظيفة
منطقة الوظيفة الدوحة, قطر
قطاع الشركة خدمات تكنولوجيا المعلومات; تطوير البرمجيات
طبيعة عمل الشركة صاحب عمل (القطاع الخاص)
الدور الوظيفي تكنولوجيا المعلومات
نوع التوظيف غير محدد
الراتب الشهري غير محدد
عدد الوظائف الشاغرة غير محدد
المرشح المفضل
المستوى المهني متوسط الخبرة
https://www.bayt.com/ar/qatar/jobs/senior-security-architect-4449437/
نسخة للطباعة 
ابلغ عن اعلان مخالف