Security Architect

to follow

Be #InGoodHands with Metrobank!

Here at Metrobank, we don't simply hire employees—we hone future leaders. We provide opportunities that enhance your skills and unlock your talents, helping you evolve into a well-rounded individual. We supply you with all the pieces you need to do your best work, unleashing your full potential to help you secure your future and lead a fulfilling career. And with Metrobank's strong heart for the community, you have the chance to give back and make worthwhile contributions to our nation's economic and social development. With Metrobank, a meaningful life is within your reach!

Position Title: Security Architect

Job Summary:
 

• Responsible for the design and engineering of network and systems security infrastructure and connected services in the bank, including network and system security testing and implementation of new products, services or improvements to existing and current security infrastructure - includes solutions-review of security-related projects and security platforms and any other related software, such as anti-virus, firewalls, cryptographic control systems (HSM), and all other security-related tools and security technologies
• Ensures that network and system security best practices are executed and implemented

Role Exposure:
 

• Responsible for keeping the security infrastructure current, making recommendations, and participating in the implementation and continuous improvement of security technologies and services in assigned information security domains
• Collaborating cross-functionally with enterprise architects, infrastructure engineers, and data scientists to achieve continuous improvement in the Bank’s cyber defense/resilience posture
• Collaborates and coordinates with ITG the security infrastructure design to ensure alignment with IT plans and activities
• Serves as subject matter expert (SME) for the different enterprise-wide IT and security projects
• Identify security design gaps in existing and proposed architectures and recommend changes or enhancement
• Investigate and analyze existing cloud structures and creating new and enhanced security methods that will enhance the security of on premise and cloud-based environments
• Develops and maintain security baseline standard of various operating systems, network devices, databases, security devices and other technologies currently in use in the production environment
• Monitor and ensure ITG implements the baseline system security standards in production systems
• Analyze, design, and develop business cases for security infrastructure-related solutions. Plans and directs the implementation of these solutions
• Leads the development of a robust, secure and resilient network design and security architecture that aligns the enterprise security strategy with overall business and technology strategy
• Architect, document designs and implement security solutions based on the Information Security roadmap and plan, results of security risk assessments, IT security best practices, and collaborative business analysis
• Ensures disaster recovery procedures of security are established and tested
• Manages the testing of technical controls and monitors its implementation
• Performs cost-benefit analysis to ensure that IT security infrastructure projects make business sense without sacrificing the need for security controls
• Prepares the business case for IT security projects
• Review and approve installation of firewall, VPN, routers, IDS scanning technologies, servers and network devices
• Analyze and assess the impact of any technical changes in the current information processing facilities and connected services of the bank
• Ensures that thorough documentations of security implementations, technical documentation are available
• Proactively works with the SAID Head in implementing programs for the continuous improvement of the bank’s information security plans and strategies;
• Perform other information security governance, risk and compliance related duties and responsibilities as directed by the SAID Head

Qualifications:
 

• Graduate of any college degree in Computer Science or Information Security, or related technical field of expertise.
• Has deep understanding, strong working knowledge and at least 8 years’ experience in building/implementing IT Systems Architecture/Infrastructure Security, authentication technologies, Server Security, Network Security, Database Security, Application Security, Communications Security, Data Security, IT Security Risk Assessment, Vulnerability Assessment, Penetration Testing, Business Continuity, Physical Security, Operations Security and Cloud Secure architecture.
• Has at least 8 years’ experience in IT security and IT security risk assessment
• Has understanding of security protocols, cryptography, authentication and authorization.
• Preferably with IT security related certification such as CISSP, CEH (or equivalent) GIAC, GSEC, etc.
• Has the ability to think like a malicious hacker to anticipate and defend one’s organization against cyber security risks
• Experience implementing multi-factor authentication, single sign-on, identity management or related technologies a plus
• People Management Skills: Ability to lead and work well with the team, internal, and external clients.
• Have good teamwork and collaboration skills: good team player with the ability to lead security initiatives, explain and enforce security measures.
• Good Project management skills: to lead and manage accomplishments of assigned tasks/risk assessment activities.
• Can be self-managed, self-starter with good organizational skills
   

Other Details:

Rank: Senior Officer

Unit: Financial & Control Sector / Information Security Division / Security Architecture and Innovations Department

Location: Metrobank Center, BGC, Taguig City

to follow