Security Architect

Ref No. EMP445235
Salary £80,000 - £90,000/annum
Location Worthing, England
Job type Permanent
Job Status Now Interviewing

Introduction

Security Architect opportunity - Salary in the range of 90k - based in West Sussex

Important

information systems design

The Job

Security Architect opportunity - Salary in the range of 90k - based in West Sussex

Working for a leading Utilities organisation, the Security Architect will play a key role in defining, planning, implementing and managing existing and emerging technologies in the Infrastructure Architecture Team under The head of IT Strategy & Architecture. The Infrastructure Architect will work with Strategy & Architecture peers, stakeholders, the Lead Infrastructure Architect, IT & Business leadership and subject matter experts, to understand, define and implement the enterprise's technology; strategy, processes, and information technology assets.

The Security Architect will utilise contextual artefacts to support definition of the enterprise-wide IT architecture that will meet current and future needs in an efficient, sustainable, agile, and adaptable manner. The Security Architect also defines and refines enterprise security technology standards, roadmaps, modules, and tools for the enterprise, and partners with business and IT leaders and architects to provide direction and architectural strategy advice on complex and dynamic issues.

Scope of role

The security architect will be responsible for the following activities and functions:

  • Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers
  • Develop security strategy plans and roadmaps based on sound enterprise architecture practices
  • Develop and maintain security architecture artefacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations
  • Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artefacts
  • Participate in application and infrastructure projects to provide security-planning advice
  • Draft security procedures and standards to be reviewed and approved by executive management and/or formally authorized by the CISO
  • Determine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, and identity and access management (IAM)
  • Develop standards and practices for data encryption and tokenization in the organization, based on the organization's data classification criteria
  • Conduct or facilitate threat modelling of services and applications that tie to the risk and data associated with the service or application
  • Ensure a complete, accurate and valid inventory of all systems, infrastructure and applications that should be logged by the security information and event management (SIEM) or log management tool

Knowledge/experience:

  • 7 to 10 years of experience in IT, with a minimum of two years in information systems design.
  • Experience in using architecture methodologies such as SABSA, Zachman and/or TOGAF
  • Direct, hands-on experience or strong working knowledge of managing security infrastructure - e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology
  • Verifiable experience reviewing application code for security vulnerabilities
  • Direct, hands-on experience or a strong working knowledge of vulnerability management tools
  • Documented experience and a strong working knowledge of the methodologies to conduct threat-modelling exercises on new applications and services.
  • Payment Card Industry Data Security Standard (PCI-DSS) / HIPAA-HITECH / Validated Systems (e.g., GAMP)
  • Sarbanes-Oxley / (GDPR) / Privacy Practices / ISO 27001/2 / NIST Cybersecurity Framework (CSF)
  • Full-stack knowledge of IT infrastructure:
  • Experience designing the deployment of applications and infrastructure into public cloud services.

Networkers acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers and is part of Gattaca Plc.

Gattaca Plc provides support services to Networkers and may assist with processing your application.

Related jobs

 

 

Related articles

What are you looking for most from your next employment or assignment?

Back to top