Senior Security Architect - Contract - Hybrid
- Posted 28 June 2024
- Salary £450 - £550 per annum
- LocationCity of London
- Job type Contract
- Discipline Cloud & Infrastructure
- Reference107096
- Contact NameMichael Antonelli
Job description
Role: Senior Security Architect
Location: London/Hyrbid (40% office based)
Start: ASAP
Duration: Minimum 6 months, extension likely.
Main purpose of the job
▪ To set the clients information security technical standards in relation to the whole lifecycle: procurement; configuration; operation and decommissioning of IT products and services.
▪ Responsible for developing a security strategy for the clients IT products.
▪ To own the clients information security standards and be responsible for developing a roadmap that results in compliance with a baseline security model.
▪ To take an active part in ensuring security by design within all ISD projects.
▪ To work with other members of the IG Compliance team to track and report on progress against the roadmap.
▪ To work closely with the ISD architecture practice to assist with baking security into the clients architectural standards.
▪ To provide advice and guidance to ISD Solution Architects and product team as required.
▪ To assist product teams to become more security aware and capable of managing their own security responsibilities.
Ideal Candidate Profile:
Essential:
- Experience in using architecture methodologies such as SABSA, Zachman and/or TOGAF
- Documented experience and a strong working knowledge of the methodologies to conduct threat-modelling exercises on new applications and services
- At least one of: CISSP, CISA, CISM, TOGAF, relevant SANS/GIAC certifications or similar. Additional certifications desirable
- At least one of:
- Full-stack knowledge of IT infrastructure
- Direct experience designing IAM technologies and services
- Strong working knowledge of IT service management (e.g., ITIL-related disciplines)
Desirable:
- Direct, hands-on experience or a strong working knowledge of vulnerability management tools
- Experience designing the deployment of applications and infrastructure into public cloud services
- Verifiable experience reviewing application code for security vulnerabilities
- Experience working in a Higher Education environment
Essential Skills and abilities:
- Strategy: Able to interpret business, technology, and threat drivers, and develop practical security roadmaps to deal with these drivers
- Communication: Able to translate complex security-related matters into terms that are readily understood by colleagues and present them in person and in written format
- Project Management: Able to draft project plans for security service and technology deployments and coordinate with stakeholders across the organization