Regional Manager, Security Architecture, AXA Asia
Location: HONG KONG
Purpose of the Role
- The role is responsible for developing and governing the overall Security Architecture Landscape and Engineering, and for ensuring it is aligned to the AXA Group Information Security, Target Architecture and Roadmap.
- Deliver the Security solution architecture design across the Application & Infrastructure levels, aligned with the Enterprise & Architecture Target & Roadmap and working with the CISO in AXA ASIA, the Regional Information Security team and the Infrastructure Team.
- The role is also required to develop and support the development, maintenance and update of the Information Security Architecture for AXA Asia.
- The role requires interaction with Group/Regional Internal Audit, Program & Project Managers, local Information Security teams, IT and network architects, Local CISO, Local technical architects, vendors, Professional Bodies and Industry peers.
- Strongly support Regional Head Strategy and Architecture to establish architecture governance and synergy between AXA Asia IT Team, Country IT Team, AXA Group Information Security and AXA Technology Service.
1. Strategic Planning
Contribute to strategic planning by providing input to ensure that plans incorporate domain knowledge and an understanding of the current situation and future solutions to support the specific areas of IT Security in Application & Infrastructure.
2. Security Architecture
Creation, development and maintenance of the regional IS Architecture framework, strategies and roadmaps and liaise across architecture communities as an expert in these specific areas
Manage the holistic view of Security Landscape of the Regional Solution in Regional Data Center including Roadmap and Standard
Determine security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
Plans security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.
Secures enterprise information by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures.
Develop security solutions which are aligned effectively with evolving business strategies and information technology capabilities
Provide project architecture direction to create conceptual and logical designs and supporting documentation ensuring the security concerns are represented throughout
Lead and manage the design process for Security Solutions Architecture to ensure all the solutions are aligned with the strategic roadmap and with the Security/Infrastructure Standard. Works with enterprise architecture, application and infrastructure teams to produce an optimal, high-level, conceptual design for the project.
Lead and direct security components throughout systems development lifecycle, including requirements definition, proposal development, functional, non-functional, technical design, vendor analysis and selection, construction and testing, ensuring strong disciplines across networks, application security, middleware, database security with risk identification and enterprise wide encryption (includes VPN technologies such as PKI, IKE, IPSEC, SSL/HTTPS and digital certificate management)
Proposes changes in process, policy and standards as they relate to the architecture and design principles.
Researches and maintains knowledge in emerging technologies and solutions to solve business problems.
Delivery of complex solutions with comprehension in areas such as Architecture, Configuration, Security, Performance, Scalability, Reliability, Infrastructure
Participate in the design of complex projects, and be the technical authority in this area for the Security
Continuous alignment of team processes with corporate Global Cyber Security policies
Develop Security Design Framework and improve efficiency of the process between AXA Asia IT and AXA Technology Service.
3. Technology Incubation
Research market trends and identify upcoming solutions, conduct POC testing and report POC results to ensure AsiaIT solutions remain competitive against the market trends.
Advise and provide guidance on implementation of new technology solutions to ensure an accurate implementation plan and estimation of financial costs is outlined.
Liaise and consult with vendors to ensure that AsiaIT is informed of available technology updates and innovative solutions from vendors
Exchange strategy and roadmaps with vendors to ensure that they can optimally support AXA initiatives.
5. People Management
Recruit new staff, act as a mentor to junior architects and develop standards for this role aligning with the industry in order to establish and develop the architecture capabilities.
- Bachelor’s degree in Information Technology, Computer Science or related technical field, or comparable experience
- An MSc Information Security would be desirable but is not essential
- Candidates with the following certifications would be strongly preferred: CISSP ISSAP, ISSEP, ISSMP, GIAC certification.
- Enterprise/Security Architecture certification (e.g. TOGAF, SABSA or equivalent)
- Member of IISP or have the qualification, skills and experience to become a member
- 15+ years’ experience working in data security-related industries and environments
- Experience in technical Information Security solution design > 5 years
- Experience in IP networks and multiple operating systems, in particular Microsoft, Unix, Oracle > 3 years
- Hands on experience of IS technology from a combination of vulnerability management, IAM, IPS/IDS, WAF, HIPS, SIEM, PUAM, Forensics, etc. > 5 years
- Experience with large scale design and implementation projects
- Strong knowledge of business continuity & disaster recovery processes for virtual environments
- Ability to technically lead projects through their lifecycles
- Familiarity with ISO, PCI, HIPAA and other industry compliance standards
- Background in securing multi-tenant cloud environments is a plus
- Capabilities on governance and security project reporting
- Capabilities on preparing security budget
- Ability to function effectively in a matrix structure
- Strong facilitation, negotiation and conflict resolution skills
- Knowledge and experience on security solution evaluation and global solution roll out.
- Should have faced security audits and led remediation for global organizations.
- Should have experience on Cloud Security and Cloud Security Access Broker
- Ability to communicate highly technical and complex security concepts effectively across all levels of the organization (both IT and business)
- Membership of professional organization in Security Architecture
- Certified Information Systems Security Professional (CISSP)
- Disaster Recovery Planning
- Information Security
- Internal Audit
- IT Security
- Microsoft Exchange Server
- Oracle Database
- Risk Assessment
- Team Management
- Vendor Management