Define and partner with stakeholders in a multi-disciplined team structure, designing and implementing cloud security solutions to provide coverage across a variety of projects
Lead stakeholders and vendors engagements and providing subject matter expertise to Business Units and engagement teams
Develop deep working relationships with senior executives across engagement teams.
Responsible and execute large-scale project deliveries
Manage teams and mentor junior resources
Oversee infrastructure and microservices security architecture (inclusive of: container security architecture, data security architecture, network security architecture and operational security architecture).
Review the infrastructure & microservices design against different security regulatory, industry and internal standards such as PCI DSS and CSA Containers security guidelines and identifying the necessary security architecture requirements for the same.
Review the infrastructure & microservices network and data architecture and identifying the necessary security architecture requirements for the same.
Ensure that final design addresses identified threats and countermeasures during threat modelling
Qualifications:
Minimum 8 years working experience in IT Security Management role, preferably in Financial Services.
Proven track record in delivering endpoint security projects and managing enterprise-grade solutions.
Regional experience in IT Security Technical or Engineering roles.
Strong analytical and problem-solving abilities with a proactive and collaborative mindset.
Degree in Information Technology or equivalent discipline.
Technical experience in Identify, Protect, Detect, Response or Recover areas.
Good understanding of cloud environments and familiarity with how networks work in cloud environments.
KEY ACCOUNTABILITIES
Managing and engineering endpoint protection solutions such as Microsoft Defender for Endpoint and CrowdStrike Falcon
Develop and enforce endpoint hardening standards, ensuring secure configurations are rolled out and maintained throughout the asset lifecycle.
Align endpoint security initiatives with the broader Information Security strategic roadmap.
Automate security operations using scripting languages (e.g., PowerShell, Python, KQL) to improve efficiency and consistency.
Manage and maintain configuration scanning policies to ensure endpoints and servers adhere to security baselines (e.g., CIS Benchmarks, internal hardening standards).
Collaborate with cross-functional teams to deliver endpoint security programs on time and within budget.
Manage device control policies and ensure compliance with regulatory and internal standards.
Support integration and policy enforcement through platforms like Microsoft Intune.
Drive the successful delivery of network security projects, ensuring alignment with the Group Information Security strategies and business objectives.
Drive awareness and support to Group IT Security, Group IT and Business Units IT, to understand the IT Security Solutions and Processes, as well as their implications across the organization.
Drive IT Security Engineering Initiatives and Projects definition and
Group and Business Units Chief of Technology and Operations
Group and Business Units IT & Operations
Group and Business Units Internal Audit
External Auditors
Vendors and/or Service Providers enforcement of the IT Security Engineering program.
Good communication and presentation skills. implementation, selection of solutions and architecture, as well as define operations framework and its continuous improvement.
Collaborate with cross -functional teams across Business Units to ensure consistent execution of security initiatives.
Partner with the Head of IT Security Engineering and Group CISO, through tracking and reporting function, to ensure regular updates to management on the IT Security Engineering Program and risks.
Provide technical leadership and mentorship to junior engineers and project teams.
Continuously evaluate emerging technologies and recommend improvements to enhance the security infrastructure.
