Overview
Provide expertise in the definition, design, engineering, and validation of security configurations for technology platforms in the cloud and on-premises.
Key Responsibilities
- Provide cybersecurity assurance expertise for IT initiatives.
- Define, guide engineering, and validate implementation of technology agnostic security control standards.
- Develop technology-specific configuration baselines (Security Hardening) and implementation guidelines.
- Conduct quality assurance reviews of security requirements and audit recommendations.
- Educate stakeholders on appropriate security design and technical configuration.
- Work with IT project teams to develop implementation plans for new security-related products.
- Provide security-related technical solutions to IT stakeholders, service providers, and business units.
- Identify opportunities to improve business practices or IT security-related processes.
- Prioritize, monitor, and assess compliance and audit recommendation results.
- Support the information security assurance manager in maintaining the Fund's ISO 27001 certification.
- Analyze, recommend, and implement process improvements within information security.
Required Experience
- Minimum of 10 years of relevant experience working in infrastructure or enterprise security roles with a Bachelor's degree; OR a minimum of 4 years of relevant experience working in infrastructure or enterprise security roles with an Advanced degree.
Experience should include:
- Proven track record in delivering technical security assurance and engineering solutions.
- Practical implementation experience in operational security within regulated environments.
- Extensive technical security experience across a broad range of core Azure services, including Microsoft 365 security controls, Entra ID, Microsoft Defender suite, Azure network security, and other key components of the Microsoft security ecosystem.
- Advanced working knowledge (preferably previous hands-on experience) in:
- Wide array of Infrastructure services e.g. Virtualization Platform, Linux and Windows Operating systems and OS applications, Active Directory and related services, Networking services – switches and routers and other supporting services
- Web Server e.g. Apache and IIS
- Applications e.g. Tomcat and other application servers
- Database system e.g. MSSQL, PgSQL, Oracle, MongoDB etc.
- Security technologies e.g. Firewall (Checkpoint, Palo Alto, Azure Firewall), IDS/IPS, Proxy service (forward and reverse), Zero trust, SIEM, SOAR, Network detection and Response (NDR)
- Hands-on security configuration of platforms (cloud and non-cloud).
- Basic IT consultancy skills.
- Demonstrates expertise in securing application, database, and infrastructure components through tailored hardening approaches.
- Pragmatic security expert with an inherent ability to balance security demands with business reality.
- Demonstrates a commitment to continuous learning.
- Strong knowledge of security solutions, emerging threats, and effective countermeasures.
Qualifications
- Bachelor's degree in information security, computer science, engineering, mathematics, business, or related field of study.
OR
Advanced degree in Information Security, computer science, engineering, mathematics, business, or related field of study.
Certifications:
(Minimum plus at least 2 preferred)
- CISSP or CISM (minimum required)
- CCSP (preferred)
- Microsoft Certified: Cybersecurity Architect Expert (preferred)
- Microsoft Certified: Azure Solutions Architect Expert (preferred)
- Other Microsoft cloud security related certifications at the Expert level (preferred)
- GIAC certifications (preferred)
- Offensive security related certifications (preferred)
- Red Hat Certified Engineer (RHCE®)/ A Red Hat® Certified Architect (RHCA) (preferred)