Senior Security Architect
  • United Arab Emirates Dubai
  • Deriv
1 year before
31.12.2023
Securely Provision
Systems Architecture

Job Information
Industry
Cyber Security & IT
City
Dubai
Country
United Arab Emirates

Job Description
As cyber threats evolve, it becomes increasingly important to incorporate security as a core element of the software development process. In this challenging and rewarding role, you will be responsible for designing and implementing systems that prioritise security from the beginning of the software development life cycle (SDLC). By working closely with the software development, security, and operations teams, you will help to improve processes, tools, and culture to ensure that security is treated as a shared responsibility. Your efforts will ensure that our continuous integration and continuous delivery (CI/CD) are carried out securely.

As a Product Security Architect at Deriv, you will have the opportunity to make a real impact on our company's success. You will have the chance to work on cutting-edge technologies and stay up-to-date with best practices. If you are a highly skilled and motivated engineer with a passion for building secure, scalable, and reliable systems, apply for this role to take on a new challenge and make a real difference.

Your challenges
• Be an integral part of developing and maintaining the product security architecture and creating necessary requirements
• Create threat models and approaches to analyse risk for new and existing functionality
• Work closely with Engineering and Operations to ensure that security and privacy are integrated into all aspects of the SDLC and to ensure we architect secure solutions that are built to last
• Incident management: Act as a primary point of contact in response to security incidents, such as data breaches or cyber-attacks, immediately and effectively
• Develop and implement security policies and procedures
• Create detailed reports and presentations on our security architecture and risk
• Testing, selection, and implementation of technologies, tools, and working methods: Evaluate and test different security technologies, tools, and working methods to determine their effectiveness and implement those that are deemed appropriate for the organisation
• Automation of security controls: Create and implement automated processes and tools to improve the efficiency and effectiveness of security controls
• Collaborate with the wider security team to share ideas, tools and processes and help reinforce a security culture within Deriv

Requirements
• Expert guidance and advice on all product security and privacy matters
• An expert in Public Cloud Security and core components including EC2, EKS, AWS Networking (Subnetting, Route Tables, SGs, VPC, VPC Peering, NACLs, VPN), RDS, Storage (S3, EBS), SSO, and Federation
• The ability to inspect code and actively seek out security issues and vulnerabilities
• Confident in discussing all AWS features and aspects, addressing security concerns surrounding each, and providing preventive solutions for securing each component both individually and as a part of a complex setup
• Hands-on experience with tools like CloudTrail and GuardDuty to monitor and detect security threats
• Knowledge of Google Cloud Platform (GCP) would be a plus
• Strong understanding of software development, security, operations principles and best practices including secure design patterns
• Proficiency in one or more programming languages (e.g. NodeJS, Perl, C++)
• Demonstrable experience with remediating security problems, including automated processes in AWS
• Experience with DevOps tools and best practices (e.g. Git, Jenkins, CircleCI, Ansible)
• Knowledge of security and privacy principles including best practices (e.g. authentication, authorization, encryption, GDPR)
• University degree in computer science or a related field
• Strong problem-solving skills
• Excellent spoken and written English communication skills

Benefits
• Market-based salary
• Annual performance bonus
• Medical insurance
• Housing and transportation allowance
• Casual dress code
• Work permit



Required Knowledge
  • K0002   Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats and vulnerabilities.
  • K0024   Knowledge of database systems.
  • K0027   Knowledge of organization's enterprise information security architecture.
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0227   Knowledge of various types of computer architectures.
  • K0291   Knowledge of the enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures.)
  • K0293   Knowledge of integrating the organization’s goals and objectives into the architecture.
  • K0009   Knowledge of application vulnerabilities.
  • K0374   WITHDRAWN: Knowledge of basic structure, architecture, and design of modern digital and telephony networks. (See K0599)

Required Skills
  • S0060   Skill in writing code in a currently supported programming language (e.g., Java, C++).

Required Abilities
  • A0015  Ability to conduct vulnerability scans and recognize vulnerabilities in security systems.
  • A0027  Ability to apply an organization's goals and objectives to develop and maintain architecture.
  • A0060  Ability to build architectures and frameworks.
  • A0048  Ability to apply network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • A0148  Ability to serve as the primary liaison between the enterprise architect and the systems security engineer and coordinates with system owners, common control providers, and system security officers on the allocation of security controls as system-specific, hybrid, or common controls.