Manager-Sec Arch & Eng

Job Description

Job Purpose (Job Summary): Assistant Manager, Security Architecture and Engineering will support Invesco Global Security strategy and vision. Lead team of security engineers and architects, design and enforce conformity with technical standards, security requirements as well as addressing regulatory compliance related issues. As a leader within security architecture and engineering function, the individual will play a key role in the Global Information Security team ensuring that Invesco s landscape is secure.Key Responsibilities / Duties:

• Experience in leading security engineering/architecture resources to delivery secure, reliable and scalable solutions to meet business needs.
• Experience of security technologies and including but not limited to Event Monitoring (SIEM) systems, Cloud workload protection, Next-Gen platforms, Network security, Endpoint protection, Application security etc.
• Lead projects, tactical initiatives and provide leadership on implementation of various security technologies & processes with focus on cloud security and on-premise solution, based on industry best practices
• Defining technical requirements related to data protection, cloud security, endpoint, application security, Identify and access management, threat and vulnerability management
• Strategize current and future cloud security solutions to enhance compliance to NIST Framework, Cloud Security Alliance guidance, HIPPA, GDPR and PCI DSS
• Ensure metrics and periodic updates are provided on various projects assigned
• Think and act strategically. Evaluate and implement security solutions to meet business needs
• Research, design and support cloud security products that will support security requirements
• Investigate, document, and report on information security issues and emerging trends.
• Other duties as assigned.

Work Experience / Knowledge:

• 6+ years experience in IT Security with exposure on various Infrastructure security verticals
• 4+ years of experience deploying Security Technologies in a global environment
• At least 2 years of experience managing resources
• Proven experience in data protection, cloud security, endpoint, application security, Identify and access management, threat and vulnerability management, SOC solutions
• Experience in deploying security solutions to popular cloud platforms like AWS, Azure, GCP, and Oracle.
• Hands on experience in performing configuration scans
• Knowledge of TCP/IP Protocols, JSON, application security and software defined solutions
• Knowledge of or experience with industry compliance standards such as PCI-DSS, HIPPA, NIST, ISO, ITIL, SOC1/2, etc.
• Knowledge of common Internet protocols and applications
• Willingness to travel both domestically and internationally. Frequency and duration to be determined by manager.

Skills / Other Personal Attributes Required:

• Excellent People skills with the ability to act with influence.
• Good communication skills both verbal and written.
• High-energy, confident professional with an ability to remain calm and take control in a crisis.
• Team player and organizer. Ability to multi-task and prioritize.
• Must have ability to diagnose and solve problems while maintaining professionalism and courtesy.
• Open minded, flexible, and willing to listen for other people s opinions.
• Adapts to changing demands and conditions
• Willing to keep up to date and build upon skill and knowledge base.

Formal Education:

• Bachelors degree in computer science/information systems or related field or equivalent demonstrated experience. MS degree preferred.

License / Registration / Certification:

• Preferred Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Cloud Security Knowledge (CCSK) or related certification
• Preferred Vendor Certifications from AWS, Cisco, SANS, Microsoft Azure or Google Cloud Platform

,

Keyskills :
network securitysecurity architecturepci dssregulatory compliancetechnical requirementsit securitymicrosoft azureevent monitoringapplication securityinfrastructure securitycloud securityvulnerability management