Expert Engineer/Enterprise Security Architecture

Job Description

Responsibilities

• Accountable to recommend, plan, design, and implement all necessary and required security controls to protect the infrastructure services after due review of design documentation following the security practices and guidelines.
• These are a list of the services in scope: 5G, 4G, 3G, MPLS, Internet, Cloud, NFVi, SDN, Data Centers, IOT, AI, IT and IPTV.
• Must support, coordinate and conduct quarterly Risks Assessments of the services following the Risk Management approach.
• Must engage with multiple stakeholders and services owners to achieve these daily tasks.
• Provides professional guidance and support to subordinates in carrying out the assigned functions where applicable.
• Design security architecture / best practices, processes, risk assessment, planning, project management, documentation and presentation.
• Conduct risk assessments of services including identification of threats, threat actors, vulnerabilities and their impacts.
• Conduct comprehensive risk assessments in order to identify all issues and track them via implementing risk management methodologies.
• Develop, support, and apply a risk management framework in projects.
• Perform security gap-analysis across projects, applications and vendors, documenting remediation plans.
• Provide expert advice and support to ongoing infrastructure modernization and service owner projects.
• Create security guidelines for Services such as Mobile, IOT, Cloud.
• Manage security vendors from selection to ongoing operations.
• Authors RFIs, RFPs and RFQs and liaises with vendors and suppliers throughout the purchase cycle to ensure both financial and technical fits are achieved.

Qualifications

• Bachelor's degree in computer science, Computer Engineering, or Cyber Security.
• Must have a strong understanding of core telecom and infrastructure networks, including 5G, 4G, , MPLS, Cloud, etc.
• Minimum 5 years of experience in the Cyber Security field.
• In-depth knowledge of virtualization technologies and their security requirements.
• Hands-on experience in developing policies and guidelines for telecom and IT services.
• Knowledge of telecom and IT standards (ITU, ETSI, ISO, etc.) and security products.
• Proficiency in security tools and technologies (GRC, UTM, IPS/IDS, DDoS, WAF etc.)
• Excellent project management, documentation, and presentation skills.
• Information security certifications (CISSP, CISM, CRISC, etc.) are preferred.