Security Architect

We're looking for a Security Architect!

We're a small but growing Digital Bank, with new and exciting problems to solve. Our environment is bleeding edge digital, fully cloud native, with world class advanced technology. We work in project-based sprints in small, interdisciplinary teams.

As a Security Architect you'd be able to work on and solve some of the many interesting challenges we are facing, learn new ways of working, and build delightful high-quality products for our customers.

Job Description

As we are building the core cyber security capabilities for our Digital Bank, the Security Architect will drive the building and run of best-of-breed capabilities and practices in architecting our systems and applications.

We are building a close knit and lean team bringing in modern approaches to security, integrating cloud-native security designs, offensive security, and agile development. Working closely with security engineering and automation, the Security Architect will also work tightly with internal stakeholders (developers, architects, business) to design adaptive controls and ensure a sound security posture and risk reduction.

The Role Responsibility:

Our Digital Venture is set for a rapid growth and rapidly evolutive environment, thus the candidate will be the focal point of security architecture, continuously maintaining and improving control visibility and effectiveness. The role will be set to evolve and grow over time as the company develops.

Not exhaustively, the Security Architect will be responsible for:

- Developing and documenting security architecture designs, patterns and blueprints

- Reviewing current system security measures and recommending and implementing enhancements

- Reviewing the effectiveness of security controls and adherence to regulatory and compliance requirements

- Developing project timelines for ongoing system upgrades

- Working closely with Product squads, Application Security and End-user Computing to ensure architecture artefacts are established and maintained, deriving adequate control plans adapted to each business context

- Working closely with the group to ensure our Digital Venture meets and exceeds control objective requirements across cyber defence, investigations, incident response and forensics

Our Ideal Candidate:

• Is a technical expert in security architecture, engineering and related areas of expertise


• Is a master of the relevant tools and engines


• Has the hands-on expertise to build and support the operational objectives


• Has experience in IT/security risk management


• Is self-driven, forward-looking and proactive in meeting the requirements but also proposing better solutions


• Understands and can articulate the risk of missing controls and need for operational visibility


• Is collaborative, with a vision of how to work with developers to embed immutability, anomaly detection, forensics and normal-state resumption in the fabric of the application


• Ideally, has experience working in supporting regulated digital payment services such as payment industry & digital banking, or e-commerce services


• Is experienced in building cloud environments, including IaaS providers, cloud-native platforms (Kubernetes) and SaaS third-party applications


• Has a good understanding of DevOps and CI/CD pipelines in a context of security and compliance guardrails


• Has a solid understanding of security protocols, cryptography, authentication, authorisation and auditing


• Has good working knowledge of current IT risks and experience implementing security solutions


• Is experienced in implementing multi-factor authentication, single sign-on, identity management or related technologies


• Has excellent written and verbal communication skills as well as business acumen and a commercial outlook

HR benefits

• Competitive salary


• Salary band per level and employee benefits are reviewed once per year


• 13th month salary pro rata depending on the employee’s length of service (within a calender year), paid with the December salary


• Monthly lunch allowance: 700,000 VND/employee


• Parking: GFT covers the monthly parking fee for employee motorbikes


• Performance evaluation is once per year, for 2 purposes:
     > Performance bonus   > Salary increments

Talent retention policy (Retention bonus)

• 2-year anniversary = 0.5x monthly salary


• 3-year anniversary = 1x monthly salary


• 5-year anniversary = 2x monthly salary


• Paid with salary of month of anniversary.

Health care

• Private health insurance: including accident, outpatient, in-patient, maternity, and dental for all permanent employees who pass 2-month probation.


• Optical: expense claim for eyewear


• Annual health check-ups.

Vacation

• Maximum 18-day vacation leave/year (with the ability to carry over 05 days till 31st March of the following year)


• Adding one more annual leave day for each two-year anniversary.

Healthy lifestyle

• Sports and hobby clubs: company has an annual fund for fitness activities, which is allocated per month as team’s vote.


• Range of healthy snacks, tea, coffee, milk and beer on tap:
  > Tea, coffee and milk are available at pantry area – WeWork
  > Beer is available at pantry area – WeWork
  > Snack is available in GFT office.

Social

• Company townhall: each 6 weeks


• Monthly team lunch at restaurants


• Monthly team engagement activities: one activity per month


• CSR activities: as per company’s CSR guideline and practice


• Hackathon: once per year


• Onsite tour/training courses at other GFT offices and client’s destination overseas (where applicable).

Cập nhật gần nhất lúc: 2023-02-04 17:14:49