1. Job search
  2. Shanghai jobs
  3. Cybersecurity Architect - APAC
Cybersecurity Architect - APAC
ClariosShanghaiUpdate time: August 28,2019
Share Save Job Follow this company
Job Description
Cybersecurity Architect - APAC - WD30079598228

RESPONSIBILITY LEVEL:
Clarios is looking for an experienced Cybersecurity Architect with good communication skills to join our global team of information technology professionals. This role will be a part of the Information Security team and will be responsible for assessing, designing, resolving and integrating information security into information technology solutions. As a Cybersecurity Architect you will be responsible for increasing security awareness among project teams and making information technology solutions more robust and secure. You will work with the Demand office, Enterprise Architecture and IT leadership and be responsible for mentoring and driving them through the security assessments and adopting secure solution design principles.

  • Perform security assessments for on-going projects: both Architecture and Implementation/Code Review
  • Contribute in building secure architecture for the new projects or making corrections to existing ones
  • Consult on all 3rd-party application security penetration testing
  • Consult on vulnerability response process, impact assessments and remediation plans
  • Recommend design and code changes to meet product security objectives and remedy security findings
  • Perform unit-test if needed to verify a remediation or provide a proof-of-concept as evidence of a vulnerability
  • Work as a security advisor helping to establish secure development activities during solution development
  • Communicate with customers and teams, be able to convey the message about importance of security, the ways of establishing it and the wrong ways of enforcing it (e.g. do pen testing before release)

DUTIES:

  • Knowledge of at least one Security Development methodologies (e.g. Microsoft SDL, OWASP CLASP etc)
  • Knowledge of main Security-related activities in development such as Risk and Privacy Assessment, Threat Modeling, Security Code Review
  • Deep understanding of the nature of security threats and their classification
  • Knowledge of most common implementations of the Threats (e.g. XSS, SQL Injection, XSRF, buffer overruns, brute force, rainbow tables, DoS etc) and how they match the general classification
  • Understanding of main security principles, such as multi-layered protection (Defense in Depth)
  • Understanding of main areas of protection (Security, Privacy, Availability) and levels of defense (networking, infrastructure, OS, Application)
  • Understanding of mitigation mechanisms for every type of threats (e.g. validation, sanitizing, crypto-operations etc)
  • Good knowledge of Security Features and Mechanisms provided by at least one OS (e.g. Windows, Linux, Android, iOS etc) and development platform/technologies (e.g. Java, .NET Framework, databases etc)
  • Familiarity with existing security standards (e.g. PCI DSS, HIPAA, NIST, Common Criteria etc) and what does it mean to implement compliance with them
  • Familiarity with the tools for various security activities: Static Code Analysis, Pen Testing, Intrusion Detection/Prevention etc
  • Experience with VAPT and familiarity with common security vulnerabilities, the lexicon of findings (CVSS, CVE), ability to assess severity, etc
  • Understanding of basic principles of infrastructure security and penetration testing
  • Ability to use the tools to perform actual attacks is a plus

Qualifications
REQUIREMENTS/QUALIFICATIONS:

  • Bachelor’s degree or related experience in Computer Science, Engineering or related discipline.
  • Strong experience with MS Visio, PowerPoint, MS Word and MS Excel.
  • Minimum 5 years of experience, designing, implementing and supporting large-scale, information security environments.
  • Professional certification in relevant disciplines preferred: CISSP, CISA, CEH, Etc.
  • Strong people management skills with global experience.
  • Strong technical and non-technical communication skills.
  • Ability to establish and maintain high levels of client trust and confidence.

Job Information Systems

Primary LocationChina-Shanghai-Shanghai

Organization Power Solutions

Overtime Status-Exempt

Apply on Company WebsiteSee all jobs at Clarios

Get email alerts for the latest"Cybersecurity Architect - APAC jobs in Shanghai"