fbSenior Security Architect @ ValueLabs

Job Description

Senior Security Architect

Expires on: July, 17 2021
Job Code: VL/AS/0306/D/216
Experience: 7-10 Years

• Senior Security Architect


• Deep foundational knowledge, understanding and application on all aspects of Information Security concepts from broad range of technical and non• technical areas (Technical)
• Expert at the technology and frameworks in his/her area of expertise, and coaches other architects on development standards and best practices.
• The architect must have a deep understanding of Microservices and API concepts, designs and deployment scenarios
• Good hands on experience solutioning technology architectures that involve API /Micro services Security
• Experience working in a DevOps environment with knowledge of Continuous Integration, Containers, DAST/SAST tools and building Evil Stories (Technical)
• Good knowledge of the concerns and threats that revolve around Cloud Security and how those concerns can be mitigated (Technical)
• The architect has the skill to follow design principles and applies design patterns to enforce maintainable, readable and reusable patterns, in the form of code or otherwise
• The architect can understand and interpret potential issues found in source or compiled code
• The architect has automation skills/capability in the form of scripting or similar
• The architect has the ability to attack application and infrastructure assets, interpret threats and suggest mitigating measures
• Ability to interpret Security Requirements mandated by oversight functions and ensure comprehensive coverage of those requirements, via documentation, within high level design and/or during agile ceremonies, via Evil Stories
• The architect can propose options for solutions to the security requirements / patterns that provide a balance of security, user experience & performance
• The architect has the skill to discuss and present solutions to other architecture, security, development and leadership teams.
• The architect can interpret and understand vulnerability assessment reports and calculate inherent and/or residual risks based on the assessment of such reports
• Ability to articulate and be a persuasive leader who can serve as an effective member of the senior management team. • Good negotiation skills will be desirable
• Must have good judgment skills in order to decide on an exception approval
• Ability to enforce improvements when necessary using Influence rather than Policing measures
• Superior written and verbal communication skills in order to effectively communicate security threats and
• recommendations to technical or non•technical stakeholders
• Knowledge of application of Agile methodologies/principles such as Scrum or Kanban
• Influencer/Dynamic Security Evangelist for the Team/Squad
• Thought Leader
• Positive & Constructive Attitude
• Autonomous worker / Decision Maker
• Good listener
• Patient & Calm during stressful situations
• High energy individual / Motivator
• Win•Win
• Hacker/Defense•In•Depth mindset
• Analytical thinking
• Team Player/Interpersonal Skills
• Eye for detail
• Persistent & Persuasive
• Organized / Structured
• Deadline oriented
• Competent and committed
• People’s Person; understands stakeholder management
• Empathetic
• Passionate about architecting smart solutions
• Innovator/Out of the box thinker
• Collaborative Leadership style
• Confident Presenter

• Bachelor’s degree in a computer•related field such as computer science, cyber/information security discipline, physics, mathematics or similar
• Master’s degree in business administration, information security, human resource management, finance or • international business or executive education from reputed institutes like Harvard
• Deep understanding of Microservices/API Attack vectors and their associated defenses. Knowledge of OWASP Top 10 Web & API and/or similar is very essential
• General Information Security: CISSP, CISM/CISA or similar
• General Cloud Security: CCSK /CCSP or similar
• Specific Cloud Security: AWS/Azure/GCP/Oracle Solution/Security or similar
• Architecture: TOGAF/SABSA or similar
• Privacy: CIPT, CIPP/E
• Agile: Certified Scrum Master (CSM)


• If applying for a Digital Banking role – Banking or e•Commerce Industry experience of at least 2•3 years is necessary
• Experience in the regional sector is not necessary but will be desirable, since Middle East regulations apply heavily
• Must have a minimum 7•10 years of experience in an information security function with good background in information technology, stakeholder management and people management
• Minimum 3•5 years’ experience, as an API Security Architect
• Minimum 3•5 years’ experience as an Enterprise & Data Architect
• Prior experience managing a team of 3•5 individuals
• Budgeting, creating slide decks and presentation skills