- Looking to hire?
- Career advice
- CV Information
- Employment advice
- Career advice from our recruitment specialists
- Interview advice
- About us
Senior Security Architect required on a perm basis REMOTE WORKING AT PRESENT - based in West Sussex
Working for a leading Utilities organisation, the Security Architect will play a key role in defining, planning, implementing and managing existing and emerging technologies in the Infrastructure Architecture Team under The head of IT Strategy & Architecture. The Infrastructure Architect will work with Strategy & Architecture peers, stakeholders, the Lead Infrastructure Architect, IT & Business leadership and subject matter experts, to understand, define and implement the enterprise's technology; strategy, processes, and information technology assets.
The Security Architect will utilise contextual artefacts to support definition of the enterprise-wide IT architecture that will meet current and future needs in an efficient, sustainable, agile, and adaptable manner. The Security Architect also defines and refines enterprise security technology standards, roadmaps, modules, and tools for the enterprise, and partners with business and IT leaders and architects to provide direction and architectural strategy advice on complex and dynamic issues.
Scope of role
The snr security architect will be responsible for the following activities and functions:
* Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers
* Develop security strategy plans and roadmaps based on sound enterprise architecture practices
* Develop and maintain security architecture artefacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations
* Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artefacts
* Participate in application and infrastructure projects to provide security-planning advice
* Draft security procedures and standards to be reviewed and approved by executive management and/or formally authorized by the CISO
* Determine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, and identity and access management (IAM)
* Develop standards and practices for data encryption and tokenization in the organization, based on the organization's data classification criteria
* Conduct or facilitate threat modelling of services and applications that tie to the risk and data associated with the service or application
* Ensure a complete, accurate and valid inventory of all systems, infrastructure and applications that should be logged by the security information and event management (SIEM) or log management tool
* Experience in using architecture methodologies such as SABSA, Zachman and/or TOGAF
* Direct, hands-on experience or strong working knowledge of managing security infrastructure - e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology
* Verifiable experience reviewing application code for security vulnerabilities
* Payment Card Industry Data Security Standard (PCI-DSS) / HIPAA-HITECH / Validated Systems (e.g., GAMP)
* Sarbanes-Oxley / (GDPR) / Privacy Practices / ISO 27001/2 / NIST Cybersecurity Framework (CSF)
This role is to start ASAP and will offer from 80k with potential to negotiate depending on your experience.
Networkers acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers and is part of Gattaca Plc.
Gattaca Plc provides support services to Networkers and may assist with processing your application.