My client, a leading financial services provider in the City are actively looking for a Security Architect to join their CISO function. They are in the midst of a number of huge transformation programs at the moment. As a result you will ideally have worked across either network security, Microsoft ecosystems, and cloud security, or you may be looking to work at a more strategic level to help to build a security roadmap for them. This will be based around red teaming remediation programs they have in place. You will also have strong analytical skills in order to articulate capability requirements, identify options, and clearly document the merits of each.
- Architecture ownership of assigned Security Domains including the creation and ownership of domain assets such as Visions, Principles, Solutions Architectures, and Roadmaps for each
- Shaping and optimising the Security Portfolio with the Security Change function, using Roadmaps as key inputs
- Liaising with Project Managers and Solutions Designers to set projects up for success at the start to ensure strategic value is delivered and tactical effort and spend is minimised.
- Performing strategic design reviews at key points of the project lifecycle to identify any risks or capability gaps that need addressing.
- Facilitating workshops with Technical and Business stakeholders to provide direction or drive issue resolution - providing analysis, distilling down to key decisions, and capturing next steps or plan for issue resolution
- Providing ad-hoc reports, viewpoints and white papers to respond to management questions, project issues etc.
- Have demonstrable, well-grounded experience in an information security field
- Proven experience using Information Security Frameworks (e.g. ISF, NIST, ISO) and use of Architecture development methods (e.g. TOGAF)
- Previous experience of seeing Security Architecture direction and decision making through to Design, Implementation and Run/Operations.
- Domain expertise in three or more areas:
- Network Security (e.g. WAFs, Firewalls, Proxy, IDS/IPS, CASB)
- Windows enterprise security
- Information Protection including classification, tagging, and Data Loss Protection
- Identity & Access Management (incl. RBAC, recertification, federation, and MFA)
- Malware detection
- Endpoint security capability (e.g. posture check & isolation, device lockdown, etc.)
- Vulnerability management, risk management and threat intelligence
- Application & Database Security (incl. SDLC, code scanning solutions, DB firewall & monitoring)
- Security monitoring, correlation and operations
- Educated to Degree level (or equivalent) preferably in Technology or Information Security
- Certified Information Systems Security Professional (CISSP), or similar