Security and Infrastructure Manager

Thursday, October 8, 2020 | Mauritius
The Security and Infrastructure Manager ensures that security, availability and performance are considered in every stage of our development and operational processes. Following the Microsoft Security Development Lifecycle, they own our security policy, train our people, model our threats and continuously improve our prevention and detection measures.

 

INFRASTRUCTURE

  • Evaluate the structure and capacity of the company’s infrastructure on Azure
  • Implement and improve automated capacity and availability monitoring
  • Minimise the cost of our infrastructure within the Development Roadmap
  • Report clearly the status, continuous improvement and cost of our infrastructure

 

SECURITY

  • Own our development and operational security policies with clear requirements and metrics
  • Model threats inside and outside of our business
  • Establish and embed global security design and encryption standards
  • Evaluate third party components and tools against our standards
  • Verify and test all code before it is committed to a new release
  • Design and implement continuous automated security testing against compiled code
  • Coordinate our penetration testing schedule and action recommendations
  • Train our people to ensure that security is never an afterthought
  • Establish and test our Incident Response Process

 

REPORTING

  • Set out a clear and costed vision for our infrastructure and security measures
  • Report progress against that plan, in consultation with the Product Manager

 

TARGET VOCATIONAL QUALIFICATIONS

  • Information Systems, Computer Science Bachelor's Degree OR equivalent experience
  • CISM and/or CISSP certification
  • Agile/Lean certified
  • 7+ years of experience in software security, preferably in a security assurance role
  • 3+ years of hands on security experience in working with cloud / online services
  • Deep technical knowledge of cloud architecture, product security, threat detection and response
  • Our tech is Azure Serverless Cloud and so the successful candidate will be proficient in most of the following:
    • Microsoft Azure Serverless cloud technologies such as App Services, Service Bus and SQL Azure and how best to monitor, manage, scale, deploy and secure these. A knowledge of Azure DevOps, release pipelines and ARM templates would also be useful

 

ABOUT YOU

  • Track record of successfully building alliances across operational and technical teams
  • Outstanding detail-oriented organizational skills, with a strong individual process to follow-up on the smallest items to ensure nothing falls through the cracks
  • Ability to be flexible with a positive attitude and learn quickly in a dynamic environment
  • Substantial emotional intelligence - can balance the needs of the company and read a situation to understand when to forcefully push something, or give it some space
  • Experience in driving key information security, compliance and other regulatory requirements internally and externally
  • Can-do attitude honed in a small business or team, ideally in the financial services sector