CYBER SECURITY SOLUTIONS ARCHITECT job from Dialog Axiata PLC in Colombo, Sri Lanka

Saturday 2nd, May 2020

Dialog Axiata PLC

Apply Bookmark

Colombo

Full-Time

IT-Software / Internet

The Job
This position holder is responsible for developing and implementing the cyber security blueprint for Dialog and subsidiaries. Responsible to build and maintain the expected Confidentiality, Integrity and Availability (CIA) of systems of Dialog Axiata Plc. Protecting the company from emerging cyber threats originating from internal and external threat actors and adopting a proactive approach to protect information assets to ensure the continuous service delivery to users and customers.
 
 

  • Drive the delivery of security technology investment efforts
  • Lead technology selection efforts from a technical perspective
  • Frame and conduct various technology selection approaches including RFI/RFP/streamlined vendor
  • Frame subsequent proof-of-concept and implementation activities
  • Lead cyber/information security related project implementation and manage the SLA’s for timely delivery.
  • Develop and enhance target architectures as well as target operate models for new/existing architectures and services
  •  Develop/maintain infrastructure architecture diagrams to facilitate engineering material builds
  • Provide input into strategic direction and technology decision activities
  • Support adhoc architecture service requests for efforts such as research, architecture/use case modeling, and architecture assessments/reviews
  • Develop Minimum Security Baseline configurations for existing and  new technologies
  • Develop security technology standard proposals
  • Lead and facilitate architecture presentations to project teams, working groups, design authorities, and leadership based upon need
  • Monitor the threat landscape and take appropriate action against emerging threats by providing inputs to finetune existing security solutions
  • Assist in incidents and investigations related to breaches and fraud as part of the CIRT (Computer Incident Response Team) team.
  • Act as the subject matter expert w.r.t bridging the compliance, privacy, regulatory and business/technical requirements in projects and solutions.
  • Act as the subject matter expert w.r.t bridging the compliance, regulatory and business/technical requirements in projects and solutions.
  • Coordinate with internal and external (Dialog internal divisions & Axiata) stake holders for information w.r.t cyber threat intelligence and reporting as required by stakeholder.
  • Working Knowledge in secure software development lifecycle (SSDLC) and application security testing (AST) in a continues integration and delivery platform (CI/CD)
  • Should possess knowledge on cloud security concepts and implementing them on multiple cloud solutions.

 
 
The Person
 

  • 6+ years of experience in an architecture or engineering capacity; Direct information security experience is highly favorable,
  • 8+ years of experience in IT or related field
  • Bachelor's and/or Master's degree in Computer Science, Information Systems, Cybersecurity, Telecommunication or related field of study.
  • Familiarity in the development and maturation of operate models
  • Wide array of technology experience (ranging from system/application development to operations/engineering to architecture)
  • Ideally, the individual within this role will have held a wide array of roles within an IT organization
  • Cloud experience/exposure -- particularly with regard to AWS, GCP and Microsoft cloud service offerings (e.g., O365 architecture) and Azure is a plus
  • Experience in IT or security organizations supporting mobile or "disconnected" workforce
  • Knowledge of : CISSP, CISM, CCSP, SANS Certifications including: GSEC, ECSA, ECSP, Security+
  • Familiarity/experience with SABSA methodology
  • Detailed understanding on ISO 27001: ISMS and NIST (National Institute of standards and Technology) cyber security framework and 800-53, CIS (Centre for Internet Standards) minimum base line security slanderers also other best practices such as BS10012, and PCI-DSS (Payment Card Industry – Data Security standards) preferred.

 

  • Experience with:
  • Developing policies and standards
  • Implementing and configuring information security tools
  • Developing and improving information security processes
  • Strong technical knowledge of security in at least one of the following:
  • Applications
  • Unix servers
  • Windows servers
  • Oracle and/or MS SQL databases
  • Networks
  • Middleware
  • Mobile devices and applications
  • Excellent communication skills
  • Good relationship management skills
  • Flexibility and adaptability in the face of changing priorities
  • Ability to evaluate and manage risk
  • Ability to manage several unrelated efforts simultaneously
  • Ability to negotiate resolutions of conflicting security and business objectives
  • Strong understanding of information security concepts, threats, vulnerabilities and controls
  • Real-world hands-on experience
  • Unquestionable integrity
  • Teamwork orientation
  • Demonstrated perspective and good judgment
  • Willingness to assume responsibility and ownership
  • Personal initiative and strong personal work ethic
  • Ability to work independently
  • Professional poise and presence

 

Skills required

Teamwork orientation

Familiarity in the development and maturation of operate models

Knowledge of : CISSP, CISM, CCSP, SANS Certifications including: GSEC, ECSA, ECSP, Security+

Developing policies and standards

Strong technical knowledge of security in at least one of the following:

Excellent communication skills

Good relationship management skills

Ability to evaluate and manage risk

Strong understanding of information security concepts, threats, vulnerabilities and controls