Key responsibilities
- Develop relationships with technology stakeholders, take the learnings from project engagements and inform security decision making in shifting common security architectural patterns and enterprise security strategy
- Develop security solution architecture and designs for security initiatives to deliver new or uplifted enterprise security capabilities
- Perform security assessments of cloud services and identify controls to support secure adoption of the services
- Develop and maintain re-usable security architecture and design patterns for consumption by the broader security and solution architecture practice
- Foster a collaborative culture for the development of strategic thinking within Security Services’ individual teams
- Ensure appropriate knowledge management and accurate documentation across domains in the enterprise security architecture practice
- Document, socialise and present outcomes of key decisions during security architectural engagements
- Advise projects on appropriate security patterns aligning to the organisation’s information risk policy and standard operating procedures
Education and Experience
- Degree in Computer Science, Business studies or Engineering discipline with specific studies in Information Technology
- 10+ years’ experience in IT, including 5+ years as an Security Architect
- Experience with Solution Architecture and IT Project Delivery (mandatory)
- Experience with Cloud Architectures – Azure/AWS (mandatory)
- Experience in security architecture and design
- Proven ability to develop control definitions from control objectives to form security architecture in a large and complex environment
- Expert knowledge of Azure Cloud principles and their security implications
- Proven capability providing security architecture support for the adoption of Azure cloud services, through performance of risk and threat assessment, and the definition of security controls
- Knowledge of, and experience in technology governance, including industry frameworks such as ITIL and COBIT and relevant Australian and international standards
- Knowledge and understanding of Threat Modelling methodologies and Common TTPs in modern and agile applications and common countermeasures and defensive controls used in large enterprises
- Knowledge and understanding of legislative and regulatory requirements relating to banking and finance technology
- Leadership and thorough understanding of current and emerging security threats, relevant security solutions, and limitations of such solutions
Key Behavioural Skills required
- Strong problem-solving skills.
- Strong customer-service focus and strong customer management skills.
Key Technical Skills required
- Strong knowledge of Cloud Security patterns and architecture.
- Strong knowledge of either Azure. Certification is preferred
- Strong knowledge of overall security patterns including application, network and infrastructure.
- Strong knowledge of Dev Ops tools supporting end to end automation.