Assistant Vice President - Information Security Architecture

Security Management:

A- Applies advanced subject matter knowledge to solve complex business issues and is regarded as a subject matter expert
B- Serves as a Network Security expert in Network design & Implementation, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices
C- Ensures adequate security solutions are in place throughout all systems and platforms to mitigate identified risks sufficiently, and to meet business objectives, enterprise security policy and regulatory requirements
D- Review and Manager control effectiveness of  Security infrastructure solutions and services, such as firewall, public key infrastructure, anti-DDOS, etc
E- Determines baseline security configuration standards for operating systems (e.g., OS hardening), Network/Security Devices and Network segmentation etc
F- Collaborate with systems, network, database, vendor teams to ensure security is maintained at all layers
G- Develop framework for securely implementing, integrating and managing Network 
H- Prepare Network hardening standards in-line with organization's security policy
I- Conduct Network Architecture Review periodically inline with the Policy requirement
J- Conduct Firewall Configuration & Rule Review periodically inline with the Policy requirement
K- Support New vendor product review and selection. Design and development of Data Networks (WAN, LAN, WLAN,WWAN) and associated Security Controls
L- Provide technical design support, sizing, availability guidance for network
M- Support Governance & Risk Team for Third Party Risk Assessment and Technical control validation/audit for service providers
N- Manage risk register & review periodic risk mitigation actions

Stakeholder/Vendor Management
A- Effectively manage cross-functional internal and external team collaboration, communications & trainings
B- Maintain relationship with network and services vendor leadership to ensure effective implementation and network operations, ongoing support, and deployment of competent resources
 

Functional areas: Risk Management & Governance, Datacenter Operations, Network Management, Endpoint Security, Security Operations Centre, Data Security
Stakeholders: Enterprise IT Architect, Senior IT  leaders including CISO , CTO
 

Measures of Success(Define the Outcomes expected of the role):

A- Successful implementation/ adoption of any new solution, technology or framework
B- Successful delivery of security projects specifications within time and budget
C- Security strategy & architecture is aligned with company /business objectives & regulatory requirement
D- Key risk & security issues identified & recorded for treatment
E- Architecture level decisions are taken independently inline to policy & presented to related forum
F- Related security metrics are within acceptable threshold
G- Maturity of Information & Cyber Security Program
 

Skills Sets Required:

A- Individual must possess the knowledge and the following skills and abilities or be able to perform the essential functions of the job; 
B- Ability and experienced in highly secure and restrictive enterprise environments.
C- Working experience on various operating systems (Unix/Linux/AIX/Window Servers etc.), implementation of network and security devices like Firewall, IPS, VPN, APT, proxy etc.
D- Strong understanding of LAN/WAN, SD WAN, Routing and Switching and Secure Network Architecture concept
E- Technical knowledge: UNIX, Linux, Windows, OS X, various firewalls, digital certificates, SSL, VPN, TCP/IP, DNS, web security architecture etc
F- Good knowledge of information security principles and practices.
G- Ability to lead, collaborate, challenge and influence peers. Passion for project based execution and process improvement.
H- Excellent Documentation, Communication, presentation, interpersonal and leadership Skills
I- Excellent written and verbal communications skills with a demonstrated ability to make difficult concepts easy to understand 
J- Ability & willingness to support 24*7 operations/support as required by organization

Required Qualification

A- Bachelor’s Degree in a related area such as Computer Science or Information Technology or B.Tech/similar
B- Industry standard certifications such as CISSP, CCIE/CCNP, Network Security – Firewall, Proxy, VPN/other similar and relavant
C- Demonstrable understanding within Network, Database Security and related technologies

Required Experience

A- Overall 8-10 Years in IT/Information/Cyber Security solution
B- 5+ Years in Information Security Operations / Security Device Management/ Security Technology Operations
C- At least 2+ years in Technical archtehcurewhich includes managing security experts