Conceptualize, plan, research, design, and implement robust security architectures for on-premise and cloud environments related to enterprise-scale digital initiatives and platforms.
Build quickly Threat Models. Analyze and review Threat Models. Provide guidance as a security consultant on new technology implementations.
Well-versed in tools and techniques to secure all sorts of digital identities, assets, technology, applications, and platforms in online, cloud, mobile, and in the world of connected devices.
Proficient in vulnerability testing, risk analyses, security assessments, security standards, security protocols, security systems, authentication protocols, public key infrastructures (PKIs), certification authorities (CAs), digital signatures, and cryptography.
Demonstrate broad knowledge in cloud security areas such as security groups, network ACLs, virtual networks, vNet peering, Load Balancing rules, Availability Zones, network firewalls, Web Application Firewalls, IDS/IPS, endpoint security, and hardening.
Good exposure in SAML, OAuth, JWT, SSL.
Experience implementing multi-factor authentication, single sign-on, Federation, identity management or related technologies.
Ability to interact with a broad cross-section of personnel to explain and enforce security measures.
Experience in reviewing current system security measures and recommending and implementing enhancements. Promptly responding to all security incidents and providing thorough post-event analyses.
Experience in trusted API gateway, API security architecture, and related technologies. Can provide a complete solution to protect the API ecosystem from cyberattack. Can design and implement security architecture around IoT and connected devices including securing IoT network, authenticating IoT devices, encrypting IoT data, implementing IoT PKI security methods, IoT API security, AI Security.
Experience in architecting security solutions to handle PII and sensitive data flowing across digital applications.
Experience in handling global security and regulatory compliances at the application level, e.g., GDPR-like Data Privacy laws.
Qualifications
Nice to Have
Exposure to Device IDAM.
Additional advanced security qualifications such as CISSP (Certified Information Systems Security Professional) certifications are highly desirable.
Excellent written and verbal communication skills as well as business acumen and a commercial outlook.
Ability to guide technical discussions with both technical and non-technical audiences.
Ability to negotiate mutually agreeable outcomes with clients
