The Security Architect for Network and Cloud will lead the design and development of the Firm's cloud network security solutions. The role-holder will oversee the operation and configuration of the Firm's cloud security toolsets. This will include the design and management of CNAPP (cloud-native application protection platform) and CASB (cloud access security broker) technologies.
Main responsibilities
* Design and implement cloud-native security architectures and solutions
* Design and implement CASB strategies to protect the Firm’s cloud services and applications
* Develop and maintain security policies, standards, and best practices for cloud environments
* Conduct security assessments and audits of cloud infrastructure and applications
* Create and maintain solution documentation for cloud network security
* Serve in an advisory, consultative, and oversight capacity for the Firm’s email security architecture, processes, and platforms, partnering with Technology Infrastructure to produce highly secure and resilient solutions that enable the business
* Monitor the email threat landscape, maintain expertise on compensating security platforms and technologies, and deliver proposals and solutions that counter existing and anticipated threats
Skills and experience
* A Computer Science bachelor’s degree or equivalent professional experience
* Extensive experience in designing and implementing enterprise cloud security solutions
* Extensive working experience with Microsoft cloud security tools, including Microsoft Defender for Cloud Apps and Microsoft Defender for Cloud
* Experience of Microsoft purview data classification & labelling for DLP policy enforcement via CASB
* Extensive working experience in email security solutions with secure email architecture design in a hybrid environment
* Experience in deploying enterprise CASB and CNAPP solutions
* Experience configuring and troubleshooting network security, including security groups, network ACLs and load balancers in cloud environments
* Strong knowledge of IAM solutions with desired experience in Microsoft Entra ID
* Strong application and network security risk assessment skills to identify gaps in security configuration and design
* Expert-level problem-solving and analytical skills
* Strong written and oral English communication skills, and ability to convey complex concepts to non-technical constituents
* Strong Knowledge and understanding of network security frameworks and compliance standards
Reports to: Director, Global Security Engineering
Travel requirements: Ad hoc travel will be required
#J-18808-Ljbffr