Security Architect

£40,950 to £76,100 dependent on experience
25 Sep 2017
03 Nov 2017
Contract Type
Full Time
Security Architect NorwichLondon Job ID: R-53360 Full time Pay family: Information Technology Salary: Salary circa £40,950 to £76,100 dependent on experience Role Description Working within the Group CISO department as part of the Security Architecture team, the Security Architect will work with internal and external stakeholders (both IT and non-IT areas). The focus of the role is to provide strategic security capability direction for the long, medium and short term horizons. Assets include Solutions Architectures, Security Principles and Standards, contribution to the overarching Security Strategy and Vision, and the production of Domain Roadmaps that can be used for portfolio planning. The Security Architect role is performed using wider enterprise architecture tools and governance processes. You will have strong analytical skills in order to articulate capability requirements, identify options, and clearly document the merits of each and will be a Certified Information Systems Security Professional (CISSP) or similar. You will bring to Aviva your knowledge and experience of securing enterprise technologies e.g. Business Platforms, Analytics & Big Data Platforms, Middleware & APIs, Databases and be able to implement accordingly. Travel within the UK will be required. Duties & Responsibilities: - Architecture ownership of assigned Security Domains including the creation and ownership of domain assets such as Visions, Principles, Solutions Architectures, and Roadmaps for each. - Shaping and optimising the Security Portfolio with the Security Change function, using Roadmaps as key inputs. - Liaising with Project Managers and Solutions Designers to set projects up for success at the start to ensure strategic value is delivered and tactical effort and spend is minimised. - Performing strategic design reviews at key points of the project lifecycle to identify any risks or capability gaps that need addressing. - Facilitating workshops with Technical and Business stakeholders to provide direction or drive issue resolution - providing analysis, distilling down to key decisions, and capturing next steps or plan for issue resolution. - Providing ad-hoc reports, viewpoints and white papers to respond to management questions, project issues etc. Qualifications: - Educated to Degree level (or equivalent) preferably in Technology or Information Security. - Certified Information Systems Security Professional (CISSP), or similar. Experience / Knowledge: - Have demonstrable, well grounded experience in an information security field. - Proven experience using Information Security Frameworks (e.g. ISF, NIST, ISO) and use of Architecture development methods (e.g. TOGAF). - Previous experience of seeing Security Architecture direction and decision making through to Design, Implementation and Run/Operations. - Domain expertise in three or more areas: - Network Security (e.g. WAFs, Firewalls, Proxy, IDS/IPS, CASB). - Information Protection including classification, tagging, and Data Loss Protection. - Identity & Access Management (incl. RBAC, recertification, federation, and MFA). - Malware detection. - Endpoint security capability (e.g. posture check & isolation, device lockdown, etc.). - Cryptography (e.g. key & certificate management, hardware security modules, data encryption & rights management solutions). - Vulnerability management, risk management and threat intelligence. - Application & Database Security (incl. SDLC, code scanning solutions, DB firewall & monitoring). - Security monitoring, correlation and operations. - Be adept at identifying and addressing emerging domain trends and articulating considerations, impacts and future decisions. Additional Information Benefits include: - Salary circa £40,950 to £76,100 dependent on experience. - 29 days' holiday plus bank holidays. - Competitive on target performance bonus. - Up to 14% Company contribution to your pension. - Aviva flexible benefits. - Employee discounts. - Season ticket loan. - Share scheme. Bring to Aviva what makes you different and we'll support you to do the best work of your life. We encourage applications from everyone who wants to help us achieve our purpose of helping our customers to Defy Uncertainty. One of Aviva's core values is Care More, and this is brought to life through the flexible ways we like to work. This may include working from home some of the time, or flexible work schedules to accommodate parent and carer responsibilities, further studies and hobbies.
This job was originally posted as