Job Purpose: 

The Infrastructure Security Specialist’s primary responsibility will be to design measures to protect the corporate data from leakage.

Provide requirements for implementing strategic direction and business requirements on data loss protection.

The Infrastructure Security Specialist’s will ensure data loss protection design is well coordinated to achieve  full data protection on systems, network, infrastructure, and cloud, remote workers, contractors and vendors.

Job Responsibilities/ Accountabilities:

Architecture:

• Involve in infrastructure design with a Security focus
• Design Data Loss Prevention (DLP) and Information Classification tools, M365 DLP and Azure Information Protection.
• Designing of key network and infrastructure security solutions and controls such as firewalls, SD-WAN, WAF, DDoS protection, IPS, Web Proxy, EDR.
• Designing of SASE solutions and cloud-based service delivery of traditional security controls (e.g. content filtering, firewall)
• Designing of cloud infrastructure security designs (IaaS and PaaS), MS Azure preferred
•   Broad knowledge of Information Security, IT and industry best practices
• Providing technical direction on all areas of data security, including strategy, architecture roadmap, policies, standards, procedures, and governance.
• Leading the Architecture, design and implementation guidance for Data Security program including techniques such as data obfuscation, masking, tokenization, encryption technologies.
• Providing guidance to technical teams on architectural, design, procedural best practices for data security in hybrid environments (on-prem and cloud-based such as AWS, Azure, GCP)
• Developing security best practices for integrations between data producers, data lake, data consumers, API, and application integrations
• Designing & architect data protection mechanisms for protecting data at rest and data in transit

Develop data security best practices for protecting corporate data in M365 cloud

Strategy:

• Excellent understanding of best practice infrastructure and network architectures
• Document and communicate security solution roadmap to head of department and the bsuiness

Knowledge and Experience

• BS/BA in Computer Science, Information Technology, Engineering, or related field AND 5+ years’ experience in technology solutions, practice development, architecture and consulting.
• Proven success and expertise in architecting innovative security solutions primarily in a client-facing role
• Experience giving presentations to executive audiences and explaining the benefits of the Microsoft security platform
• Track record of delivering quality solutions as a Security technical leader
• Deep technical knowledge of Microsoft security and identity technologies, such as Active Directory, Azure Active Directory, Microsoft Defender for Endpoint, Azure Defender for Identity, Azure Security Center/Azure Defender, Azure Sentinel, and M365 Security & Compliance technologies
• (APT), Credential Theft, Zero Trust, Privileged Access Management, Just-in-time Administration, etc.
• Knowledge of Security Assessments and Reviews
• Knowledge of security, threat modelling, incident response and recovery techniques
• Knowledge of Hybrid Cloud and Workload Security configurations and practices.
• Knowledge of Security Standards, Policies and Governance frameworks
• Knowledge of industry and government cybersecurity frameworks and regulations, such as NIST Cybersecurity Framework, NIST 800-53, FINRA and CMMC.
• Microsoft AZ-500 and MS-500 certification or equivalent AWS, GCP or OpenStack certified
• Knowledge and certification in modern project delivery methods, such as DevOps and Agile/SCRUM.
• Knowledge and use of product management methodologies and Scaled Agile Framework
• Familiarity with structured architectural methodologies

Key Critical Competencies

Experience of designing and architecting secure infrastructure services to meet business requirements across a range of technology areas.

• Strong experience of deploying and securing cloud environments (Azure, AWS or Google Cloud).
• Solid experience of Microsoft 365 security and authentication technologies such as Active Directory, Azure Active Directory.
• Demonstrable experience of securing, designing, deploying and installing enterprise applications
• Knowledge of Intune, Email security platforms, Enterprise Antivirus
• Experience of installing and supporting diverse server hardware.
• Experience of managing Windows Server, Exchange, Linux, VMWares, SCCM and Windows 10.
• Excellent negotiation, and written and verbal presentation skills
• Ability to handle high pressure situations with key stakeholders
• Good Analytical skills, Problem solving and Interpersonal skills