Senior IT Security Advisor - Security Architect - World Vision - Kuala Lumpur, Malaysia

Position Title:	Senior IT Security Advisor - Security Architect	Application Deadline Date:	18 Jan 2013
Position Location:	Kuala Lumpur, Malaysia	Position Start Date:	04 Feb 2013
Region:	Asia	Position End Date:
Requisition Category:	International	Recruitment Priority:	Need Immediately
Country Name:	Malaysia	Program/Office Name:	Information Security
City/Province:	Kuala Lumpur, Malaysia	Employee Type:	Home Country Intl. (HCI)
Job Grade Level:	17/168	Recruitment Status:	SS Interviews in Progress
Is this a family post?	Family - Spouse with Children
		Requisition Num:	2012AIRBRE-92MRHF

*POSITION LOCATION OPEN TO KUALA LUMPUR, MALAYSIA, SEATTLE, WA, USA OR MELBOURNE, AUSTRALIA*


PURPOSE OF POSITION:

The Senior IT Security Advisor - Security Architect is responsible for the overall security-related architectural design of World Vision. This individual works closely with IT and the application development teams to oversee and design secure infrastructure solutions and applications while recommending and facilitating the implementation of protective and mitigating controls.


KEY RESPONSIBILITIES:

STRATEGY:
• Provides strategic and tactical direction and consultation on security and IT compliance.
  
  POLICIES, PROCEDURES, & STANDARDS:
• Acts as primary support contact for the development of secure applications and processes.
• Maintains an up-to-date understanding of industry best practices.
• Develops, enhances and implements enterprise-wide security policies, procedures and standards across multiple platform and application environments.
• Monitors the legal and regulatory environment for developments.
• Recommends manages implementation of required changes to IT policies and procedures.
• Monitors compliance with security policies, standards, guidelines and procedures.
• Ensures security compliance with legal and regulatory standards.
  
  BUSINESS REQUIREMENTS:
• Engages directly with the business to gather a full understanding of project scope and business requirements.
• Assesses business needs against security concerns and articulates issues and potential risks to management.
• Consults with other business and technical staff on potential business impacts of proposed changes to the security environment.
• Provides security-related guidance on business process.
  
  SECURITY SOLUTIONS:
• Works closely with IT and development teams to design secure infrastructure solutions and applications, facilitating the implementation of protective and mitigating controls.
  
  OPERATIONS SOLUTIONS:
• Defines security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems.
• Defines and validates baseline security configurations for operating systems, applications, networking and telecommunications equipment.
  
  RISK ASSESSMENTS:
• Works directly with the customers and other internal departments and organizations to facilitate IT risk analysis and risk management processes and to identify acceptable levels of residual risk.
• Conducts business impact analysis to ensure resources are adequately protected with proper security measures.
• Assesses potential items of risk and opportunities of vulnerability in the network and on information technology infrastructure and applications.
• Reviews risk assessments, analyzes the effectiveness of IT control activities, and reports on them with actionable recommendations.
• Evaluates security risks and identifies and defines compliance strategies in accordance with policies and standards.
• Provides management with risk assessments and security briefings to advise them of critical issues that may affect customer, or corporate security objectives.
• Communicates with multiple departments and levels of management in order to resolve technical and procedural IT security risks.
• Develops remediation strategies to mitigate risks associated with the protection of infrastructure and information assets.
  
  INFORMATION/DATA SECURITY:
• Defines, identifies and classifies information assets.
• Assesses threats and vulnerabilities regarding information assets and recommends the appropriate security controls and measures.
• Develops and manages security measures for information systems to prevent security breaches.
• Consults with clients on the data classification of their resources
• Provides reports to leaders regarding the effectiveness of information security and makes recommendations for the adoption of new policies and procedures.
• Develops and implements strategies to align information security with business objectives and goals, protecting the integrity, confidentiality and availability of data.
  
  BUSINESS CONTINUITY/DISASTER RECOVERY:
• Develops impact analysis.
• Assists business partners with the determination of critical business processes and systems.
• Identifies and coordinates resolution of recovery issues.
  
  SECURITY PERFORMANCE MANAGEMENT:
• Develops measures to evaluate the security programs and modifies strategies as appropriate
• Analyzes reports and makes recommendations for improvements.
  
  COMMUNICATIONS/CONSULTING:
• Serves in an advisory role in application development projects to assess security requirements and controls and ensures that security controls are implemented as planned.
• Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle.
• Provides input for the development of the security architecture.
• Informs stakeholders about compliance and security-related issues and activities affecting the assigned area or project.
• Interfaces with business and IT leaders communicating security issues and responding to requests for assistance and information.​
• Reports to management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
  
  VENDOR MANAGEMENT:
• Works with third party vendors during problem resolutions.
• Interfaces with third party vendors to evaluate new security products or as part of a security assessment process.​
• Coordinates with vendors to ensure managed services are implemented and maintained appropriately.
  
  TRAINING:
• Develops security awareness and compliance training programs.
• Provides communication and training as needed.
• Provides security briefings to advise on critical issues that may affect client.
• Conducts knowledge transfer training sessions to security operations team upon technology implementation.

KNOWLEDGE, SKILLS & ABILITIES:

REQUIRED:
• Bachelor’s Degree in Computer Science, Information Systems or other related field, or equivalent work experience.
• Requires in-depth knowledge of security architectures, network topologies, routing protocols, and security solutions at all levels (e.g. data center, network, server, desktop, laptop, and mobile).
• A high proficiency level in specific job related skills is required.
• Typically requires 7 - 10 years of combined IT and security work experience with a broad range of exposure to security programs, security policies, procedures and standards.
• Over 5 years’ experience designing and deploying security architectures and networks at the enterprise level.
• Requires Security Certification (i.e., Certified Information Systems Security Professional (CISSP), Certified Information Security Manage (CISM), or Global Information Assurance Certification (GIAC).

FOR QUESTIONS ONLY CONTACT WORLD VISION HERE

Downloadable Version (Must Have Adobe Acrobat Reader to view)
If you do not have Adobe Acrobat Reader CLICK HERE.

---

SeniorITSecurityAdvi.pdf

Apply Online