Information Security Architect - Global Engineering Organisation

Recruiter
NST Recruitment Ltd
Location
Coventry
Salary
£70,000 + Benefits
Posted
31 Oct 2017
Closes
16 Nov 2017
Contract Type
Permanent
Hours
Full Time

Information Security Architect ? Global Engineering Organisation

£70,000 + Bonus

Coventry

Our client, a global engineering organisation require an experienced Information Security Architect who will be responsible for providing architectural input for projects as well as work streams initiated by the Information Security team. In particular, you will communicate security requirements as well as design and deliver solutions that are founded on architectural frameworks such as SABSA that are in line with NIST 800-171, NIST 800-53 and ISO-27001 standards.

Key Responsibilities

  • Help establish and improve the engagement with project teams and the wider business by working with business analysts, project managers, solution architects and delivery teams to ensure projects meet information security requirements.
  • Provide hands-on support for identifying, protecting and remediating defects on information security assets.
  • Develop security standards and baselines for identifying, protecting and monitoring information resources in line with current security best practice. Ensure that standards and baselines remain aligned with the business requirements for information security and map directly onto the security architectural framework.
  • Provide on-going reviews of standards and baselines to ensure current threats are addressed and that feedback is communicated to the Information Security Policy lead.
  • Perform security risk analyses of planned and existing information systems to determine, record and communicate risk.
  • To develop and execute threat modelling tools and techniques where appropriate. Provide assistance in developing the risk assessment methodology.
  • Design, configure and run automated security tools to identify technical defects, prioritise and communicate those defects in the context of the wider risk management strategy, and plan appropriate remediation activity.
  • Ensure that security systems are configured and optimised to deliver best value for the wider business.
  • Escalating security concerns and risks to the Information Security Manager.
  • To work with the partners to ensure security solutions (current and planned continue to meet the security requirements while providing cost effective security coverage.

Skills & Experience

  • A working knowledge of an architectural framework relevant to Information Security architecture is expected (SABSA, TOGAF, NIST Cyber Security Framework).
  • Experience in the architectural design of integrated security services, infrastructure, mobile or endpoint security solutions.

Experience across the following technologies;

  • Core networking technologies: TCP/IP networking, switching, routing, WAN, MPLS, DNS, DHCP, tcpdump, Wireshark
  • Cloud technologies: security concerns of IaaS, PaaS, SaaS architectures, CASB solutions
  • Firewalls, url filtering, anti-malware, security containers
  • Intrusion detection/protection, deep packet inspection, SSL inspection, DLP
  • Monitoring / SIEM: SNMP, Netflow, syslog, Windows Events, log correlation
  • High availability architectures: switching, routing, clustering technologies
  • Authentication and Authorisation: Kerberos, SSO, LDAP, OAuth, OpenID, JWT, forms-based authentication, RADIUS, SSH, public key infrastructures, digital certificates and certificate authorities
  • Application security: Web application firewalls, OWASP, static and dynamic analysis, securing the SDLC, Sec-DevOps, Visual Studio, Team Foundation Server , orchestration technologies e.g: Chef, Docker, Kubernetes
  • Penetration testing tools and toolkits (experience with at least one of the following): Kali, NMAP, MetaSploit, BurpSuite, OWASP ZAP, SQLMap, HexEdit, GDB
  • Mobile Device Management and Security: MDM, MAM, MCM

This job was originally posted as www.jobsite.co.uk/job/959435712