CAIA's Career Center is an easy-to-use, comprehensive resource connecting job seekers with employers in the growing AI field. Use your knowledge and credibility to advance your career or build a talented team for your organization. Opportunities targeted to CAIA Charterholders are prioritized.
In order to search for jobs specifically for CAIA Charterholders or those pursuing the CAIA Charter please enter “CAIA” in the search panel.
This will enable you to search for CAIA specific roles globally.
The job requires in-depth knowledge and hard skills (e.g. secure cloud architectures, cryptographic practices, protocols, etc.) as well as strong soft skills (e.g. communication and presentation skills, stakeholder management) and a good amount of previous work experience demonstrating these.
Principal Responsibilities, Accountabilities and Deliverables of Role:
Research & Planning:
Plan, research and design robust security architectures for any IT project
Develop threat use cases/scenarios to clearly depict threats to security architecture.
Aligning new security solutions with existing technologies and designing and planning integration.
Lead and coordinate assessment of existing and target / implemented architecture.
Cost, Planning, Project Management:
Prepare cost estimates and identify integration issues for solutions and architectures
Understanding of Security Engineering outputs and able to oversee and incorporate into security planning
Able to incorporate security measures into the existing, resultant or target architecture.
Design high level and low-level security architecture to meet business and technical requirements
Design public key infrastructures (PKIs), including the use of certification authorities (CAs) and digital signatures
Identify and reuse security solutions and consider integration with other tools when designing security solutions.
Coordinating the installation of security solutions and managing the configuration of said solutions.
Identifying opportunities to automate processes and activities and coordinating the implementation of automation.
Identifying gaps in architecture and addressing these gaps through defining security requirements based on threat landscape/assessment.
Coordinate the testing of security solutions, and test security solutions you're the product owner for
Training & Knowledge share:
Expert knowledge in cryptography and Cloud Security solutions and able to research and understand new solutions.
Define, implement and maintain corporate security policies and procedures
Monitor issues/remediation activities to ensure gap closure to fulfil security control objectives and meet mandatory external requirements.
Be informed of changes to industry best practices, changes in architecture (e.g. Cloud) and work with third parties, vendors and the wider bank to design relevant security controls.
Coordinate with other members of Group IT, Cyber & Information Security, and end-user departments to sustain appropriate technical and procedural controls to support the industry mandatory security objectives.
Develop and own a security strategy and deliver to the end-to-end including planning and roadmap development.
Design and develop high-level security architecture documents.
Develop architecture patterns to address multiple/differing use cases.
Develop and enhance Architecture Building Blocks (ABBs) and Solution Building Blocks (SBBs) and design architectures mapping to these building blocks
Write comprehensive reports including documenting existing architecture and defining baseline and target architecture in terms of components, integration and capabilities, and aligning with business requirements.
Prepare and document standard operating procedures and protocols.
Prepare technical and business architecture documentation, as per the defined frequency, and keep it in a clear way to support the Bank and ensure it remains compliant all year round.
Work in a team environment to educate and analyse security architectures and help develop other activities for reviewing and monitoring mandatory security controls.
Will be the Product Owner, supporting the senior security architect in Product Owner responsibilities regarding specific security tools under the remit of the team.
Will be the Product Owner for Microsoft and Symantec CASB solutions, ensuring correct configuration, issues identified and resolved, develop processes/procedures and follow up on alerts
Will be the Product Owner for nShield HSM solution, ensuring correct configuration, issues identified and resolved, develop processes/procedures and manage associated activities (key life cycle management)
Will be the Product Owner for Microsoft AIP solution, ensuring correct configuration, issues identified and resolved, develop processes/procedures and manage associated activities (classification labelling, handling DLP alerts)
Will be the Product Owner for Bluecoat proxy / Fireglass solution, ensuring correct configuration, issues identified and resolved, define policies, develop processes/procedures and manage associated activities.
Reporting findings to management
Perform ad hoc additional duties as required.
Job Context (Circumstances & environment surrounding the job):
For a cyber security programme to be proactive and efficient at addressing business and technical needs, security architecture and engineering needs to be a core service offering of the department. To this end, Bank ABC is creating a role within the CISO organisation to ensure the Bank has an architecture and engineering framework to address short- and long-term security requirements to meet business needs. This will enable the organisation to stay abreast of projects and initiatives in the bank and deliver relevant security controls quickly whilst taking into consideration integration with various other systems.
The role needs to support the overall department's security architecture and security programmes and initiatives, integrating with relevant systems and security tools and ensuring that they are configured correctly and can integrate with other tools and systems to provide a holistic and complete solution. The role will require hands on technical skills and may involve designing low level and high-level architecture as well as implementing them in the cloud and on-premise. The role requires the candidate to be a strong communicator with good relationship management skills since they will be required to build a strong rapport with key business and technology stakeholders.
Strong understanding of Cloud Computing Security, including AWS, Azure, Office 365, APIs and WEB services
Strong knowledge in designing and implementing cryptographic solutions including PKI infrastructure, certificate management and deploying encryption technologies for systems, databases, applications across on-premise and cloud
Understanding of Information Security frameworks (e.g., ISO 27001/27002, NIST CSF, CIS TOP 20)
Understanding of architecture frameworks (e.g. TOGAF, SABSA)
Good knowledge and hands-on experience in security systems, including CASB, HSMs, web proxies and content filtering, DLP solutions, etc
Detailed technical knowledge of operating system and Cloud CIS baseline
Good knowledge of low-level and high-level security architecture design and development
Good understanding of security design patterns
Experience with network security and networking technologies and with system, security, and network monitoring tools
Education / Certifications
University degree with an IT background
Recognized and active information security qualifications (e.g., CISSP, CISM, EC Council or SANS related certifications, AWS or other cloud-specific certifications).
At least 8 years of work experience
3+ years of direct hands-on experience on configuring technical security solutions and working with Cloud Service Providers (including Azure, Office 365 and AWS) ideally within financial services
Experience in working with cryptographic solutions (e.g. HSM)
Experience in developing a high level architecture for the cloud
Strong team player
Fluent in English (mandatory)
Ability to organise and prioritise tasks
Able to conduct the role with minimum supervision
Strong communication skills capable of dealing with a wide range of internal and external stakeholders.