Key skills
AWSAzureCloudCyber SecurityFirewallsSwitchingAnalyticsMentoring
About this role
Role Overview
- Contribute to the design, implementation and ongoing development of the security architecture of the client's IT systems
- Identify business objectives, user needs, risk appetite and cyber security obligations
- Identify vulnerabilities, perform threat modelling, undertake risk assessment, evaluate the effectiveness of security controls
- Verify and evidence alignment to 'Secure by Design' principles, corporate security policy/standards as well as industry recognised frameworks and best practice
- Contribute to deliver and continually enhance a coherent approach to the design of secure client end-to-end solutions
- Contribute to secure conceptual, logical and high level designs by identifying appropriate security controls to be embedded in solutions that meet business requirements whilst evidencing alignment to the target risk appetite
- Contribute to the design and be able to articulate and justify design recommendations at security architecture assurance gates
- Contribute to design documentation, options papers, risk assessments, stakeholder presentations and be able to effectively communicate these to both senior technical and non-technical stakeholders
- Contribute to reference architecture of established patterns, principles and guidelines
- Contribute to the development of the Security Practice skills and capabilities to ensure consistent high quality of service delivery and expertise
- Active coaching and mentoring of junior members of the team
- Contribute to the development and presentation of compelling client proposals collaborating with teams across our business.
Requirements
- Min 3 years security architect experience, for more senior roles 5+ years
- Awareness and understanding of industry security frameworks and guidance such as NIST CSF, NIST 800-53, NCSC CAF and other NCSC guidelines
- Good knowledge of networking (switching, routing, firewalls)
- Awareness or limited experience with the design concepts associated with adoption of Cloud platforms (AWS and/or Microsoft Azure)
- An understanding of the native security capabilities and some practice within Cloud platforms (AWS and/or Microsoft Azure)
- Understanding of modern security concepts, common attack vectors, malware, security analytics and threat intelligence
- A understanding of security testing and vulnerability management is important (including pen testing/ITHC, CVSS/CVE)
- Some experience working with security standards such as ISO 27001, 27002, 27017, 27108 etc
- Any One of the certifications (CISSP, CISM, CCSP, CRISC) or equivalent experience
Tech Stack
- AWS
- Azure
- Cloud
- Cyber Security
- Firewalls
- Switching
Benefits
- Equal Opportunity Employer
- Global culture embracing diversity
- Environment free of discrimination and harassment