Blackthorn Trace have partnered with a global leader within the Telecoms industry looking to increase the Security Architecture team. The main drive behind this urgent need is down to the ever growing cyber threats, the increase in cyber products being created within their commercial offerings and the organisation recognising the value of formal security architecture processes at an enterprise level.
The security architect plays an integral role in defining and assessing the organisation's security strategy, architecture and practices. The security architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.
· Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology, threat and customer drivers
· Develop security strategy plans and roadmaps based on sound enterprise architecture practices
· Develop and maintain security architecture artifacts that can be used to leverage security capabilities in projects and operations
· Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts
· Participate in application and infrastructure projects, and commercial product/service development activities to provide security-planning advice
· Draft security procedures and standards to be reviewed and approved
· Determine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, identity and access management (IAM) and cyber products and services
· Develop standards and practices for data encryption and tokenization in the organization, based on the organization's data classification criteria
· Conduct or facilitate threat modeling of services and applications that tie to the risk, data and industry drivers associated with the service or application
· Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
· Validate security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems for both internal and commercial utilisation
· Review network segmentation to ensure least privilege for network access
· Liaise with the Procurement team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data:
· Software as a service (SaaS) providers
· Cloud/infrastructure as a service (IaaS) providers
· Managed service providers (MSPs)
· Payroll providers
· Evaluate the statements of work (SOWs) for these providers to ensure that adequate security protections are in place. Assess the providers' SSAE 16 SOC 1 and SOC 2 audit reports for security-related deficiencies and required "user controls"
· Support the testing and validation of internal and commercial security controls, as directed by the Director, Security Engineering
· Review security technologies, tools and services, and make recommendations to the broader security and product development teams for their use
· Liaise with other security architects and security practitioners to share best practices and insights
· A bachelor's or master's degree in computer science, information systems or other related field; or equivalent work experience.
· CISSP, CISM, CISA or other similar credentials
· The Zachman Framework or TOGAF
· Knowledge of a security-specific architecture methodology (for example, SABSA).
· Seven to 10 years of combined IT and security work experience, with a broad exposure to infrastructure/network and multiplatform environments.
· Expert knowledge of security issues, techniques and implications across all existing computer platforms, including datacenter, networks, cloud (IaaS/PaaS/SaaS), micro-services and emerging/maturing technology platforms.
· Proven ability in security process and organizational design
· Knowledge and a passion for IOT, embedded devices/systems is an advantage