Information Security Architect
- Beijing, Beijing Shi, China
- Permanent, Full time
- S&P Global
- 18 Apr 19
Information Security Architect
The Role: Information Security Architect
The Location: Beijing
The Impact: The person in this role will have a deep technical knowledge and will be responsible for providing end to end Security Solutions covering a broad range of security technologies and platforms. This role requires impeccable interpersonal skills as well as a comprehensive understanding of business strategy, architecture and products. The person must have the ability to influence and collaborate across the broader technology engineering teams in the firm.
- Implement and maintain the key security technology within the firm.
- Interpret and apply understanding of policy, process, and business architecture, legal and political implications in order to assist the development of technical solutions or controls.
- Maintains a deep understanding and application of security concepts at a technical level.
- Partner with key IT service providers to ensure industry standard platform, network and endpoint security posture.
- Ensure industry standard framework implementation
- Influence security policy, standards and guidelines.
- Participates in internal, external and regulatory audits and requests for information.
- Provide a secure environment, managing and mitigating risks
- Provide reporting and metrics
- Create, review, maintain and update documentation including Documenting & Publishing fixes in central knowledge base
- Work with global colleagues to provide globally consistent processes and solutions.
- Must be a subject matter expert for the company's security processes across multiple domains and disciplines - on premise and cloud / SaaS based applications, data, infrastructure and mobile solutions.
- An absolute passion for information security and knowledge of the latest threats, trends and concerns at a global level.
- 5+ years' experience in some combination of the following disciplines with an emphasis on information security: network architecture, IT perimeter design, application architecture and design, authentication platforms, industry standard frameworks (NIST, ISO), DNS, VPN, URL Filtering, SIEM design, Email security, Cryptography concepts.
- Must be highly collaborative, able to effectively interact with peers, management and leadership teams, excel at cross-team initiatives and act with a sense of urgency when security issues or requirements arise.
- Demonstrable deep technical knowledge on all facets of Information Technology and Information Security.
- Demonstrated knowledge of common adversary tactics, techniques, and procedures (TTPs).
- Intimate knowledge of the Cyber Kill Chain and other relevant network defence and intelligence frameworks.
- Knowledge and experience of Cloud deployment models and architectures
- Experience of Agile methodologies - TDD, Scrum, Kanban
- A minimum of a Bachelor's Degree in Information Systems, Computer Science, Engineering, or equivalent experience
- CISSP and/or SANS certification preferred
- Networking certification (CCIE) a plus