About Us
Mizuho Bank, Ltd. is a subsidiary of the Japan-based Mizuho Financial Group, Inc. (listed on the Tokyo Stock Exchange and NYSE) and is one of the largest financial services companies in the world. Mizuho Bank, Ltd. provides financial and strategic solutions for the increasingly diverse and sophisticated needs of its clients with offices located in all the major cities of the world such as Tokyo, New York, London, Hong Kong and Singapore.
Auto req I
1653BR
Department
Asia-Pacific Corporate Function Coordination Department
Section
Regional Cyber Security
Location
Singapore
Job Responsibilities
Mizuho is looking for a Security Solutions Architect with over 10 years of experience in designing, deploying and supporting security solutions in the region across multiple domains such as data security, network security, IAM, application security, cloud security etc.
The individual will possess a strong knowledge and understanding of technologies that would help to build the secure posture of the organization. He/ she should have technical knowledge and hands on experience with security technologies and be able to envision the overall architecture of the organization with integration to other existing technologies and solutions of the organization.
Responsibilities
- Able to create clear and comprehensive security architecture design documents such as HLD's and LLD's that fully cover the business, functional, security and operational aspects of the organization.
- Work with enterprise architecture and other technology teams to conduct architecture reviews from security perspective, threat modelling and risk assessments. Identify threats and potential security issues and recommend practical remediation controls to resolve the issues.
- Act as a trusted security consultant across the region.
- Provide technical security guidance to architects, engineers and project teams on secure architecture and design of their solutions and project so that the solution meets secure by design methodology.
- Represent security in Architecture Review Boards and similar architectural forums and review the solutions being presented and raise concerns to arrive at a mutual consensus.
- Able to build and maintain good healthy relationships with enterprise architecture, project management office, security operations, security engineering, network and application teams.
- Able to identify and recommend compensating security controls when the implementation and use of primary security control is not feasible due to various factors.
- Able to perform security product evaluation and conduct POC & POV from functional, technical, operational and cost aspects and provide a detailed report to management for review and consideration.
- Perform research and analysis of emerging technologies and assess its suitability to be used in Mizuho to improve the overall security posture of the organization.
- Work closely with engineering teams to identify and fix any misconfigurations and issues/ incidents in Mizuho security controls portfolio.
- Stay current with security incidents, attack vectors, industry trends and threat mitigation measures in cybersecurity space.
Job Requirements
- Expert level of knowledge in deducing security controls for a given scenario across all security domains.
- Proven experience of designing, implementing and operation handover of regional wide security initiatives.
- Knowledge and experience in scripting and programming languages such as python, Java, PowerShell etc. is preferred.
- Technical knowledge and experience in following are essential.
- IAM – user and system authentication and authorization, CIAM, RBA, MFA, RBAC, ABAC, SSO, PAM, secure secret storage and mgmt., Entra ID, ADFS, Kerberos etc.
- Data – data encryption, PKI, KMS, HSM, DLP, DAM, CLM, PQC, Tokenization, masking, data residency etc.
- Application – DevSecOps, CI/CD pipelines. SAST, DAST, IAST, RASP, WAF, API security, OWASP top 10 vulnerabilities etc.
- Network – reverse and forward proxies, NAC, URL filtering, IPS, IDS, Threat prevention, IP access lists, Micro-segmentation, SASE, SSE, Zero trust, Cisco ACI, DDOS, VPN, NDR etc.
- Cloud – Cloud native security controls, SaaS, PaaS, IaaS security controls, IAC, CWPP, CSPM, CASB, hybrid cloud security controls etc.
- Infrastructure – Server and endpoint security controls, VMs, Containers and Kubernetes, DNS & DHCP security controls etc.
- Knowledge and experience in areas such as SIEM, Security analytics, SOAR, UEBA, EDR, FIM, VM etc.
- Deep hands-on technical knowledge on at least two domains given above.
