Security Architect (CF-33936398)
Remote with 1 day per week in the office (Northamptonshire or London)
£70,000 - £82,000 + 15% Bonus and Benefits
I'm currently recruiting for a Security Architect to lead security architecture and security assessment activities, particularly in relation to new projects and other initiatives.
The Security Architect role is not part of the company's IT team and is split 80% on project work and 20% on strategy and defining future initiatives.
The Security Architect will take ownership of defining security requirements and associated capabilities, and will provide thought leadership across the organisation regarding the implementation of security requirements and standards.
As a Security Architect you will also support the CISO in facilitating organisation-wide implementation of standards, tools and systems needed to protect information assets.
- Defining security architectural roadmaps
- Performing security assessments for projects and other initiatives
- Defining security design patterns and associated standards
- Support ongoing security risk management processes
- Taking ownership of security solutions, ensuring compliance with Information Security policies and standards
- Responsible for the Information Security Risk Management process, including: risk analysis, identifying and applying appropriate controls, recording, reviewing and approval
- Review architectural and design documents from a security standpoint
- Work with the CISO to define overall security strategy
- Identifying, shaping and managing proof of concept activities for new security capabilities
- Performing risk assessments across security architecture and operations domains
- Writing and updating Information Security technical standards.
Key skills/Experience the company are looking for:
- Experience of defining architectural roadmaps and capability models
- Relevant industry experience defining security requirements, designs and standards
- Strong risk management knowledge and experience
- Experience in and knowledge of operating systems, mobile device platforms, web technologies, hardware and software platforms, and protocols
- Strong awareness of software development practices and methodologies
- Knowledge of OWASP vulnerabilities, tools and methodologies
- Knowledge of the MITRE ATT&CK framework
- Knowledge of applicable internal and/or external regulatory policies, standards, procedures and controls
- General awareness of Information Technology Infrastructure Library (ITIL) concepts and its applicability to a security services environment
- Understanding of applicable regulations and contractual requirements relating to information security in EMEA, APAC and the Americas
- Awareness of and experience with security technologies including: Firewall, IDS/IPS/HIDS, anti-malware, SIEM, Vulnerability Scanning, Threat Intelligence sources & services
- Knowledge of offensive security principles, tools, and techniques
- Knowledge of the EU General Data Protection Regulation and Payment Card Industry requirements
- Knowledge of network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth)
To find out more about Computer Futures please visit www.computerfutures.com
Computer Futures, a trading division of SThree Partnership LLP is acting as an Employment Agency in relation to this vacancy | Registered office | 1st Floor, 75 King William Street, London, EC4N 7BE, United Kingdom | Partnership Number | OC387148 England and Wales