Job Description
The client is a regional Insurance company with Asia HQ based in HK, also with presence in Singapore. The company is committed to maintaining the highest standards of security and compliance. The hiring manager (IT Director based in HK) is seeking a highly skilled Security Architect (can also offer Security Support Manager title, but still an IC role) to join their team and support its security initiatives.
Job Description: As a Security Architect (or Security Support Manager), you will be responsible for designing, implementing, and managing the security architecture of the IT infrastructure, Cloud and enterprise networks. You will work closely with various departments to ensure the security of the data and systems infrastructure, providing technical expertise and guidance. This individual contributor role requires a deep understanding of security principles and hands-on technical skills.
Key Responsibilities:
Develop and implement security strategies, policies, and procedures to protect the organization’s IT infrastructure and data.
Design and oversee the implementation of security solutions, including firewalls, intrusion detection systems, and encryption protocols.
Conduct security risk assessments and vulnerability tests to identify and address potential security threats.
Monitor and analyze security incidents, providing timely response and remediation.
Collaborate with IT and other departments to ensure security measures are integrated into system and application designs.
Provide technical guidance and support for security-related projects and initiatives.
Stay updated with the latest security threats, technologies, and best practices.
Prepare and present security reports and documentation to senior management.
Ensure compliance with relevant regulatory requirements and industry standards.
Requirements
Strong academic qualification in Computer Science, Information Security, or related field.
5-7 years of experience in a Security architecture or similar role, preferably within a Corporate End-user environment (will also consider strong candidates from Security Software vendor company).
In-depth knowledge of Security frameworks and standards such as ISO 27001, NIST, and CIS.
Experience with security technologies and tools, including but not limited to:Firewalls (e.g., Palo Alto, Fortinet)
Intrusion Detection/Prevention Systems (IDS/IPS)
Security Information and Event Management (SIEM) systems (e.g., Splunk, QRadar)
Endpoint Protection platforms (e.g., Symantec, CrowdStrike)
Public Key Infrastructure (PKI) and encryption technologies
Identity and Access Management (IAM) solutions (e.g., Okta, Azure AD)Proficiency in security risk assessment and vulnerability management tools (e.g., Nessus, Qualys).
Strong understanding of network protocols and technologies (e.g., TCP/IP, DNS, VPNs).
Excellent problem-solving and analytical skills.
Strong communication and interpersonal skills.
Relevant certifications such as CISSP, CISM, CEH, or similar are highly desirable.
Ability to work independently and manage multiple tasks simultaneously.
Fluent in English (MUST); proficiency in Cantonese, ability to speak other Asian languages is good, but not a MUST HAVE.