Golden Bridge Drive is an on-line game development company based in Singapore and Taiwan. We are developing an online eco-system (game integration, account management, merchant platform, payment platform, risk control platform, big data analysis platform, cloud service platform and etc.) and providing technology services and solutions to gaming business operators all around the world. The company was founded in 2012 and has been in fast growing pace ever since. The business has been a great success thanks to the strong demands, and we are currently growing the team.
About the role:
As our Security Architect, you are responsible for designing, building, testing, and implementing security systems to mitigate risk.
Roles and Responsibilities:
- Provide guidance on security solutions and best practices to internal teams.
- Evaluate, architect, and lead the teams to implement security-focused tools and services for Cloud, Containers and CICD pipelines, covering application and platform security, and integrate with security operations and identity and access management solutions.
- Drive the development and maintenance of both Public Cloud and Government Commercial Cloud security standards and work closely with solution architects on both Public Cloud and Government Commercial Cloud architecture design.
- Collaborate with solution architect and review system architecture (including application architecture design, network design and system solutioning) to identify IT security risks and propose appropriate mitigating measures to address the risks.
- Establish and maintain cybersecurity related processes and procedures, including secure-by-design methodology, secure coding practices, patch management processes, identity and assess management processes, etc.
- Work with various teams to deploy security solutions that will enable continuous and automated enforcement of security controls, compliance assurance and monitoring, and runtime protection against threats.
- Evaluate architectural designs and perform security reviews with engineering teams. Facilitate security review activities such as penetration testing, secure code reviews, and design/architecture security reviews.
- Support security incident management by performing security analysis and investigations of security incidents involving the Cloud / Container / CICD components.
- Bachelor’s degree in computer science, engineering, business, or relevant field of study.
- At least 10 years of IT experience with 5 years of implementation and support experience in security architecture under commercial environment and/or in the area of security-by-design for large-scale system development projects, information security and IT risk management in a commercial environment.
- At least 3 years' hands on experience working in the following: Developing security solutions in Cloud, Containers and CI/CD pipelines.
- Knowledge of cloud reference architectures and public cloud security best practices preferred. Cloud certification (e.g. ISC2, AWS) would be good to have.
- Expertise in AWS cloud architecture and security fundamentals including containers, software-defined networks, multi-cloud.
- Good knowledge in VPCs, VNETS, VPN Gateways, Load Balancers, DNS, security groups and Network Access Controls, Azure Firewalls, Connecting On-premise. infrastructure with cloud platforms like AWS, Azure via AWS DirectConnect, Azure ExpressRoute, Networks Security monitoring, DDOS protection, RDS, SSH and etc.
- In-Depth understanding of Identity and Access Management services provided by AWS and their support RBAC and Fine-grained Access Control.
- Familiar with Multi-tier application architecture in the context of Identity and Access Management, Access governance.
- Familiar with Kerberos, OAuth, SAML and Authentication/SSO standards.
- Good working knowledge of common SDLC models (such as waterfall model and agile), security-by-design framework, and security management frameworks such as ISO/IEC 27001, NIST Cybersecurity Framework.
- 5+ years performing reviews of application architectures for security vulnerabilities and threat modelling.
- Professional security certification is desired, such as CCSP, CISSP, CSSLP, CISM, CISA or other similar credentials.
- Ability to independently work and demonstrate communication capabilities including oral presentation.
- Have a strong sense of responsibility, team awareness, accepting of challenges.
Thank you for your interest to join Golden Bridge Drive, Due to the large number of applicants, only shortlisted candidates will be notified.
Golden Bridge Drive (SG)