A global leading provider of a range of insurance products with offices based in south Dublin is seeking an information security architect to join their team. This role will be to assist the business in using a risk based approach to secure IT systems from current and emerging threats during development and maintenance cycles.
Determine security requirements for projects. Estimate the cost and determine the delivery approach for security solutions. Assist in preparing global IT security standards and reference architecture. Assist the development of policies and procedures.
The key responsibilities of this role are as follows:
• Plan, analyze, and design global security systems including network monitoring, intrusion detection and prevention, identity management, access control, mobile device management, and data protection. Initiate upgrades to security systems as necessitated by technology availability and maturity, security gaps, emerging threats, business risk and needs, and cost effectiveness.
• Serve as a primary security contact for projects during the planning, analysis, and design phases of projects. Provide IT security technology and process guidance for enterprise architects and the business. Monitor ongoing projects to verify that security components are built and deployed as originally designed. Assist in reviewing compliance to reference security architecture and industry standards, internal policies, and procedures.
• Improve the security posture of business systems by planning and designing the delivery of security within the solutions. Evaluate security at all levels including network (firewalls, routers, etc.), server (mid-range, mainframe, virtual, appliance, etc.), OS (Windows, Linux, OSX, iOS, Android, etc.), application server (WebLogic, JBoss, WebSphere, etc.), application (Java, JSP, .NET, etc.), data store (Directory and database), authentication mechanisms, authorization procedures, auditing/logging, and user administration and access control. Consult on security considerations based on system delivery models including internally hosted, cloud hosted, cloud managed, mobile, etc.
• Research emerging threats, vulnerabilities, and security practices/standards to maintain professional relevance and assist during the response to security incidents affecting or potentially affecting the organization.
• The successful candidate will have the following mix of education, technical skills, knowledge, competencies and behaviours:
• Education, technical skills and knowledge
• 7+ years of professional experience with at least 5 years specific to security
• Strong communications skills - spoken and written
• Strong interpersonal skills
• Experience with calculating and assess risk based on threats, vulnerabilities, and mitigating factors
• Risk assessment procedures, policy formation, role-based authorization methodologies, data security protection, authentication technologies and security attack pathologies
• ISO 27001/27002, ITIL and NIST frameworks
• Experience with best practices and methods of IT strategy, enterprise architecture and security architecture
• Exposure to business planning, systems analysis and application development
• Experience with working across business unit and geographical boundaries to engage team members required
• Experience of financial services (or other) application and infrastructure information security
• Bachelor’s degree required
• Certifications a plus: CISM, CISSP, CISSP-ISSAP, TOGAF, CEH
• Knowledge of software & web application security best practices
• Knowledge of third party auditing and cloud risk assessment methodologies
• Security concepts related to DNS, routing, authentication, VPN, proxy services and DDoS mitigation technologies
• Knowledge of the latest security threats, techniques and exploits targeting vulnerabilities
If you are interested in the Information security architect role, please contact Ian Donnelly on 01 6621000 or click on apply now.