Job Accountability :
 Gaining an understanding of our Current State and Target State Architecture and then working to define a strategy for our technical direction around security.
 Owner of an application/solution or a feature within the application/solution
 Responsible for leading infrastructure assessments, making decisions on threat modeling and proper security service design and implementation.
 Acts as expert for infrastructure teams in the plan, design, and delivery of IT solutions
 Defines and communicates a shared technical and architectural vision (including infra)
 Technical expertise in multiple disciplines within IT Infrastructure and Information Security, including: networking, virtualization, cloud computing, application security & databases
 Provide security architecture and advice in support of application security, IT infrastructure, and enterprise technology projects to ensure the integrity of the bank is protected.
 Consult with the Enteprise Architecture practice to ensure that the service is aligned with FAB architectural patterns
 Ensure that SDLC procedures defined for Requirements and Solution Design within the domain/service/application/feature are followed.
 Document quality procedures for the service
 Define, document and implement the infra & security architecture for the IT projects including but not limited to the following
1. Authentication & authorization
2. Account administration controls (provisioning, segregation of duties, validation, attestation, etc.)
3. Auditing of critical security related events
4. Confidentiality, Integrity, and Availability of the system and data.
 Ensure that talent is continual brought into the team through facilitating interviewing new team members including on boarding
 Ensure that all performance and career based activities, conversations and artefacts are prepared together with the individuals, such as; Development Plan
 Share knowledge through Code Reviews and Communities of Practise opportunities across the Service

Qualifications Required:

 Minimum 10-15 years overall experience in IT starting with the hands-on engineering positions
 2-5 years’ experience doing practical design or architecture within the specialization (solutions, infrastructure, network, security, etc.)
 Act as a technical focal point for complex network and security design/solution
 Act as a technical SME during the product/solution evalution and implementation for network & security tools
 Must have experience around Enterprise Security Architecture Security, Security Strategy and Compliance Consulting Experience creating and audit of security best practices and implementation of security principles across the organization , to meet business goals along with customer and regulatory requirements,
 Understanding of compliance regulatory requirements like ISO,PCI DSS, NESA etc.,
 Must have experience around design of security controls and product best fit analysis to ensure end to end security covering different areas of security architecture :
o Layered Security
o Zoning
o Integration aspects
o API Security
o Endpoint Security
o Data Security
o Compliance and regulations
o Threat Intelligence
o Threat Exposure & Incident Management aspects
 Must Possess strong presentation , written and verbal communication skills
 Industry Security Certifications like CCIE,CISSP, CISA, CISM, CSRIC, TOGAF,SABSA etc., are preferred
 Good Understanding & Must have experience in implementing Cloud Security Controls
 Good Understanding of Cloud Platforms like Azure, Oracle, Google,AWS etc.,
 Good Understanding of Dockers, Containers and Kubernetes
 Good Understanding of SDN technologies like ACI.
 Good Understanding of REST, SOAP Protocols, Web services etc.,
 Good Understanding of Symmetric and Asymmetric Cryptography algorithms.
 Hands on Experience on Multi-vendor firewalls and other security technologies ( Firewalls, Web Proxy, Email Gate, Endpoint Security etc..)
 Knowledge and experience in requirements traceability throughout the design phase, including functional and non-functional requirements
 Ability and experience in translating functional and non-functional requirements into solution/feature/component design and service architecture

 Can create a high-level and low-level design (functional and non-functional) of a single or a small collection of components or a small end-to-end service
 Conducts / participates in code reviews, identifies bug root causes, and finds a workable solution
 Participates in Communities
Proactively addresses issues discovered in the software components, infrastructure and scripts in the various environments