Security is a critical function for my client, a retail giant. This role is for an Information Security Enterprise Architect who will design and secure our enterprise information and core assets. The successful individual will help define conceptual architectural components and building blocks that will be used by solution design teams to construct compliant and secure IT systems. This role requires leadership qualities combined with deep and broad specialist skills in both security and wider technical domains.
- Producing, evolving and refining the security architecture ensuring architectural decisions are compliant with regulatory requirements (PCI, GDPR etc)
- Support establishment of a target solution architecture and roadmap, developing this as business requirements evolves
- Shaping the overall technical and product strategy for the current and any future states of the roadmap.
- Helping to define and agree security blueprint patterns and principles as they relate to the security architecture.
- Raise and resolve any architectural issues/risks that could have implications against the security model.
- Engaging and directing any 'Proof of Concept' or prototyping of applications and solutions.
- Engaging and working with suppliers and partners in order to define the best possible solution and the most appropriate deployment of their technology and products
- Identifying and exploiting the re-use of any components, patterns or techniques and documenting these for re-use by delivery projects.
- Provide governance as part of a Design Authority during project build and test phases to ensure compliance with and appropriateness of the security architecture
- Ensure that operational and supportability guidelines are factored into the construction of any solution - this will include liaison with the relevant live service and service management teams to ensure that they understand the implications of the design.
- Critical to success in this position is an ability to grasp complex technical processes/challenges and using entrepreneurial thinking to create solutions that are pragmatic.
- A deep understanding of security issues, solutions and experience from previous companies.
- Strong understanding of regulatory requirements.
- This is a role that will require an individual to be able to communicate with comfort with both senior business-leaders and IT Leadership.
- All-round experience of a range of technology solutions and a good understanding of the full-lifecycle of enterprise delivery projects.
- Ability to form part of a wider Design Authority and act as a subject matter expert
- The ideal candidate will have a broad architectural background with full-lifecycle experience of delivering Information Security solutions (including, but not limited to, Identity and Credential management;
- Access policy and management; Authentication and SSO; Authorization; Audit; Secure communications & cryptographic services; Network protection; Data protection & Privacy; Security administration).
- Experience of procedures, products, and standards used in Information security.
- Ability to engage successfully with business and IT stakeholders is required.
- The candidate is expected to have a leading knowledge of the IT Security vendor market and external IT Security best-practice bodies
- Professional qualification in Security and Architecture practice, e.g. Certified Information Systems Security Professional (CISSP), Sherwood Applied Business Security Architecture (SABSA), The Open Group Architecture Framework (TOGAF)
- Experience of the Retail industry will be diserable
This job was originally posted as www.totaljobs.com/job/81437937