Job Description:
- Identify and recommend improvement areas in existing enterprise security architecture to address evolving cybersecurity threats
- Align and balance business requirements with cybersecurity, information, and technology requirements, based on the organization's risk appetite
- Evaluate, perform proof-of-value/proof-of-concept, design, build and implement enterprise-class cybersecurity systems
- Develop integrated security operating models and documentations to ensure operational efficiency, scalability, and sustainability
- Act as a domain expert and trusted partner in Cyber Security & Resilience work closely with stakeholders in Technology Group and other business groups on cybersecurity engineering related matters.
What qualifications or skills should you possess in this role
- At least 10 years of relevant experience preferably in financial services or asset management industries, with minimum 7 years in Cyber Security or Information Security.
- Hands-on experience in implementing and operationalizing data security solutions and data protection, for both structured and un-structured data. Specifically:
- Data discovery, classification, and labelling
- Data encryption, masking, tokenization
- Data Loss Prevention (DLP)
- Enterprise Digital Rights Management / Information Rights Management
- Privacy Enhancing Technologies and Confidential Computing
- Key and certificate management
- Hardware Security Modules (HSM)
- Access controls
- Secure file transfer and data store (including SaaS solutions)
- Familiarity with cloud security and data security and protection in cloud environments (e.g., AWS, Azure, Google Cloud).
- Scripting and coding skills, with proficiency in Java, Python, C#, or similar programming languages, and good understanding of REST API's and JSON.
- Familiarity with cloud security and data security and protection in cloud environments (e.g., AWS, Azure, Google Cloud).
- Working experience with other cybersecurity products such as SIEM, threat intelligence, security incident response and forensic investigation, network and endpoint protection, and others, would be advantageous.
- Ability to produce detailed documentation, including design diagrams and process flows.
- Must be meticulous, versatile, and inquisitive, having strong attention to detail with an analytical mind and outstanding problem-solving skills.
- Desire to learn, working in a diverse environment, interacting with multiple teams and functions to support strategic goals. Be a good team player and excellent communicator.
- Professional qualification in information security, such as CISSP / CISM / CEH will be advantageous.
Please refer to U3's Privacy Notice for Job Applicants/Seekers at When you apply, you voluntarily consent to the collection, use and disclosure of your personal data for recruitment/employment and related purposes.
