Technology, Consultant

AIA SINGAPORE PRIVATE LIMITED
  • Job category
    Information Technology, Insurance
  • Job level
    Professional
  • Contract type
    Full Time
  • Location
    Central
  • Salary
    S$7500 - S$14000

Job Description

Information Security Design Review

  • Design and/or review application security architecture proposal for various security-driven initiatives or business-driven initiatives for on-premise and cloud environment
  • Design and/or review authentication and authorization flow of the applications, whether it is aligned with security best practices and organization's IT security technology policy & procedure in terms of the strength of access controls, session management, cache management, cookie management, token management, cryptographic algorithm, and information/data protection
  • Provide feasible application security architecture recommendations or guidance based on proposed application changes either it is initiated by application development team or business users
  • Assess the security aspect of new proposed application tools / platforms from application team, and relevance/consequences to existing security architecture
  • Work closely with application development team to proactively stay on top of latest secure application architecture design to deliver thorough security recommendation aligned with organization's IT security technology policy & procedure
  • Facilitate challenging application security architecture conversations and provide acceptable solutions where IT standards are contradicting with business demands to achieve acceptable business solutions without sacrificing security and compliance aspects


Information Security Design Review of the infrastructures

  • Design and/or review infrastructure security architecture proposal for various security-driven initiatives for on-premise and cloud environment
  • Design and/or review architecture of the network security, OS security, endpoint security, firewall & IPS security, whether it is aligned with security best practices and organization's IT security technology policy & procedure
  • Provide feasible infrastructure security architecture recommendations or guidance based on proposed infrastructure changes from infrastructure operation team
  • Assess the security aspect of new proposed infrastructure tools / platforms from infrastructure operation team, and relevance/consequences to existing security architecture
  • Work closely with infrastructure operation team to proactively stay on top of latest secure infrastructure architecture design to deliver thorough security recommendation aligned with organization's IT security technology policy & procedure
  • Facilitate challenging infrastructure security architecture conversations and provide acceptable solutions where IT standards are contradicting with business demands to achieve acceptable business solutions without sacrificing security and compliance aspects


Specialized Information Security Domains

  • The role may be called upon to lead or be involved in reviewing or standardizing the information security architecture across key digital solutions especially on cloud security, application security and data security
  • Assist in security review and coordination for Technology division application development teams, where applicable
  • Although this is an individual contributor role, the candidate should also expect to perform the role of a specialist mentor to the junior members of the staff within the team


Job Requirements

  • Education –
    University degree in one of the following or related disciplines (Computer Science, Computer Engineering, Information Security, Information Systems)
  • Experience –
    - Minimum 8 years of experiences of security architecture design review
    - Preferable to have application development or infrastructure operation background with hands-on experiences of designing and/or reviewing application security or infrastructure security.
    - Working experiences in insurance / banking / financial industry is preferred
    - Certifications related to security architecture or Cloud Security is preferable, such as CCSP, Azure DevOps certification, Azure Solutions Architect certification, etc
    - Good interpersonal and communication skill
    - Good team player with a high integrity, proactive mindset, and strong ownership
  • Certifications/licenses –
    Preferably a holder of one or more of the following information security and audit qualifications: CISSP, CISA, CRISC, CCSP

Closing on 21 Oct 2021

orview more job listings from this company