Information Security Architecture Engineer (Vendor)

Job Description

Mission:

• To plan, optimize, monitor, and continually improve software security.
• To study the latest cybersecurity threats and find, evaluate, and suggest solutions accordingly.

Responsibilities:

• To cooperate with IP planning and ITS infrastructure teams as per the Business development plan to provide a recommendation to infrastructure, operations, data, and application development groups throughout the transitioning phase, implementation in production, and beyond.
• To plan, Implement, run, and control innovative software security systems.
• To collaborate with ITS on a regular basis to ensure system security.
• To carry out testing of the already implemented security system and evaluate the code to increase software security.
• To provide engineering proposals for innovative software solutions to support and alleviate security exposures.
• To contribute to all the security design and architecture plans.
• To develop DevSecOps practices and an understanding of new tools and techniques as well as best practices to plan or optimize a secure gateway and consider security risks for external customers who are connected to our network.
• To work closely with our development team to create an automated continuous integration (CI) and continuous delivery (CD) system.
• To support ITS teams with security solutions and provide their requirements to build and configure delivery environments supporting CD/CI tools using an Agile delivery methodology.
• To plan, research, and design security architectures.
• To research and design public key infrastructures, certification authorities, and digital signatures, and ensure all personnel have access limited to their need and role in the organization.
• To be up to date with the latest security systems, standards, authentication protocols, and products.
• To generate reports for both technical and non-technical staff and stakeholders.
• To develop documentation required to support the program's technical issues and training situations.
• To make recommendations for enhancing data systems security.
• To review software requirement documents participate in the software development clarification and suggest the security requirement based on project type.
• to contribute to PKI elements of new proposals for solutions to customer problems and to make security trade-offs as required.
• To plan, design, control, and implement encryption solutions.