Security Architect-Security Solution Design

Introduction

Information and Data are some of the most important organisational assets in today's businesses. As a Security Consultant, you will be a key advisor for IBM's clients, analysing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organisation with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Your role and responsibilities

The Senior Security Architect is a strategic and technical leader responsible for defining, developing, and maintaining the organization's security architecture across various domains, including cloud, on-premises infrastructure, and applications. This role provides expert guidance to project teams, stakeholders, and security personnel to ensure that security is embedded throughout the system development lifecycle and operational processes. The Senior Security Architect proactively identifies security risks, recommends robust and innovative solutions, and drives the adoption of security best practices to protect the organization's assets and maintain a strong security posture.

• Strategic Security Leadership: Define and evolve the organization's security architecture framework, principles, and standards, aligning with business objectives and regulatory requirements.
• Technical Guidance and Analysis: Provide in-depth technical analysis and architectural guidance to project teams, ensuring systems meet stringent security requirements from inception through deployment.
• Risk Management and Trade-off Analysis: Act as a subject matter expert to address complex security issues and contentions, collaborating with project teams to find balanced trade-offs between security, operational efficiency, and functional needs.
• Security Best Practices and Design Oversight: Oversee and provide expert advice on security best practices in system design, implementation plans, and infrastructure deployments, ensuring adherence to architectural standards.
• Cross-Functional Collaboration and Planning: Develop comprehensive work plans in collaboration with cross-functional teams (e.g., development, operations, infrastructure) to deliver integrated and effective security solutions.
• Problem Solving and Innovation: Proactively identify and analyze complex security problems, break them down methodically, and develop innovative and appropriate architectural solutions.
• Cloud Security Strategy and Architecture: Lead the development and implementation of the organization's cloud security strategy and architecture, with a strong focus on AWS and GCC platforms, ensuring secure adoption and operation of cloud services.
• Security Platform Leadership: Provide architectural leadership and guidance for the design, implementation, and evolution of key security platforms, ensuring their effectiveness and alignment with the overall security architecture.
• Security Standards and Governance: Contribute to the development and enforcement of security policies, standards, and guidelines, ensuring compliance with relevant regulations and industry best practices.
• Threat Modeling and Risk Assessment: Lead threat modeling exercises and contribute to risk assessments to identify potential vulnerabilities and design appropriate mitigation strategies within the architecture.
• Security Technology Evaluation: Evaluate and recommend new security technologies and solutions to enhance the organization's security capabilities and adapt to the evolving threat landscape.
• Mentorship and Knowledge Sharing: Mentor junior security team members and promote knowledge sharing of security architecture principles and best practices across the organization.
• Incident Response Architecture: Contribute to the architectural design of incident response capabilities and play a key role in providing technical expertise during security incidents.
• DevSecOps Integration: Champion and provide architectural guidance for the integration of security practices into the Agile/Scrum development lifecycle (DevSecOps).

• Minimum eight (8+) years of progressive IT experience, with a significant focus on security architecture, design, and implementation of complex enterprise IT security systems and services.
• Demonstrated experience in delivering and leading the security architecture for medium to large-scale enterprise projects, encompassing the design, integration, and management of complex infrastructure and application solutions.
• Extensive hands-on experience in architecting and overseeing the operations of security platforms in a medium to large-scale organization.
• Deep and broad domain knowledge across a wide range of security solutions, including but not limited to: Security Information and Event Management (SIEM), Data Loss Prevention (DLP), Database Activity Monitoring (DAM), Data Security and Protection (including encryption and masking), Privileged Access Management (PAM), File Integrity Monitoring (FIM), Web Application Firewall (WAF), Intrusion Prevention/Detection Systems (IPS/IDS), Endpoint Detection and Response (EDR), and Vulnerability Management.
• Significant and demonstrable experience in designing and implementing secure cloud architectures, with in-depth knowledge of security best practices and native security services within AWS and GCC platforms.
• Strong understanding and practical experience with Agile/Scrum methodologies and integrating security within these frameworks (DevSecOps).

• Bachelor's or Master's degree in Engineering, Computer Science, or a related field.
• Relevant advanced certifications in cyber security architecture or cloud security are highly preferred (e.g., SABSA, TOGAF with security specialization, CISSP-ISSAP, CCSP, AWS Certified Security - Specialty, Google Cloud Certified - Professional Cloud Security Engineer, Microsoft Certified: Azure Solutions Architect Expert with security focus).
• Exceptional written and verbal communication skills, with the ability to articulate complex technical concepts to both technical and non-technical 1 audiences, including executive stakeholders.
• Highly organized, independent, and capable of leading and working with minimal supervision in a fast-paced environment, while adhering to organizational processes and governance frameworks.
• Strong analytical and problem-solving skills with a strategic mindset and the ability to think holistically about security challenges.
• Excellent leadership, collaboration, and influencing skills to drive security initiatives across diverse teams.
• A proactive and continuous learning approach to stay abreast of the latest security threats, technologies, and architectural best practices.

• Strategic Focus: Added emphasis on strategic leadership, defining security architecture frameworks, and aligning with business objectives.
• Cloud Leadership: Explicitly highlighted the leadership role in developing and implementing cloud security strategy, particularly for AWS and GCC.
• Security Platform Leadership: Emphasized the architectural leadership for security platforms.
• Threat Modeling: Included leading threat modeling exercises as a key responsibility.
• Security Technology Evaluation: Added the responsibility of evaluating and recommending new security technologies.
• Mentorship: Included mentoring junior team members.
• Incident Response Architecture: Highlighted contribution to incident response architecture.
• DevSecOps Champion: Explicitly mentioned championing and guiding DevSecOps integration.
• Advanced Certifications: Preferred qualifications now include more advanced and architecture-specific certifications.
• Leadership and Influencing Skills: Added leadership, collaboration, and influencing skills as key attributes.
• Strategic Mindset: Emphasized the need for a strategic and holistic approach to security.

• CISSP
• TOGAF
• SABSA