Director, Security Solutions Architect - Mizuho Bank

MIZUHO BANK, LTD. IS A SUBSIDIARY OF THE JAPAN-BASED MIZUHO FINANCIAL GROUP, INC. (LISTED ON THE TOKYO STOCK EXCHANGE AND NYSE) AND IS ONE OF THE LARGEST FINANCIAL SERVICES COMPANIES IN THE WORLD. MIZUHO BANK, LTD. PROVIDES FINANCIAL AND STRATEGIC SOLUTIONS FOR THE INCREASINGLY DIVERSE AND SOPHISTICATED NEEDS OF ITS CLIENTS WITH OFFICES LOCATED IN ALL THE MAJOR CITIES OF THE WORLD SUCH AS TOKYO, NEW YORK, LONDON, HONG KONG AND SINGAPORE.

• Design and implement secure architectures and solutions across networks, applications, cloud environments, and data systems.
• Ensure security principle (e.g. confidentiality, integrity, availability) and compliance with Bank standards are embedded into all IT projects and systems.
• Develop security blueprints, reference architectures, and design patterns aligned with industry standards.
• Create and publish a standards catalogue for security technologies, methods, and implementation requirements.
• Develop and implement processes to ensure IT teams engage with security for consultancy and review in the early stages and throughout the life of the project.
• Act as the subject matter expert for security architecture and provide technical guidance to project teams, developers, and engineers.
• Review and approve security designs, ensuring alignment with policies, regulatory requirements, and best practices.
• Lead security related discussions and present solutions to both technical and non-technical stakeholders.
• Develop strategies and solutions to mitigate identified risks and ensure compliance with security standards.
• Research and evaluate security tools, technologies, and frameworks to enhance the organization’s security posture.

• Bachelor's or above degree in Information Security, Computer Science or related field is preferred.
• At least 15 years of experience in hands on cybersecurity, with prior experience in a Security Solution Architect role.
• Proven experience designing secure solutions for enterprise environments, including on-premises, cloud, and hybrid architectures.
• Familiarity with secure development practices (DevSecOps) and CI/CD pipeline security.
• Strong understanding of various cyber security technologies addressing the protection of identities, data, applications, endpoints and infrastructure.
• Demonstrated experience in applying security and risk frameworks such as: NIST, Mitre ATT&CK, Mitre DEFEND, ISO27K
• Demonstrated experience in applying technical solutions to meet regulatory requirements stipulated by regional authorities (examples: MAS, HKMA, BOJ, RBI, BNM, CFR-RBA, CBIRC, etc)
• Pro-active with multitasking capabilities, comfortable to work in both hands-on and leadership role.
• Demonstrated track records of efficient, scaled delivery with small teams, directly taking on and providing deliverables with limited resources
• Ability to articulate cyber risks to senior leadership within the context of corporate strategy and threat environment
• Strong technical aptitude, including demonstrated ability to understand broad IT topics outside of cyber security
• Demonstrated decision making, problem solving and leadership skills
• Professional certificates are advantage - both technology agnostic (CISSP / CISM / SANS ) and technology specific.