This job is no longer available.
You can view related vacancies or set-up an email alert notification when similar jobs are added to the website using the buttons below.

Security Architect

JK190917
£75000-£90000 + bonus + benefits

Blackthorn Trace have partnered with a global leader within the Telecoms industry looking to increase the Security Architecture team. The main drive behind this urgent need is down to the ever growing cyber threats, the increase in cyber products being created within their commercial offerings and the organisation recognising the value of formal security architecture processes at an enterprise level.

The security architect plays an integral role in defining and assessing the organisation's security strategy, architecture and practices. The security architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.

 

Responsibilities

·         Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology, threat and customer drivers

·         Develop security strategy plans and roadmaps based on sound enterprise architecture practices

·         Develop and maintain security architecture artifacts that can be used to leverage security capabilities in projects and operations

·         Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts

·         Participate in application and infrastructure projects, and commercial product/service development activities to provide security-planning advice

·         Draft security procedures and standards to be reviewed and approved

·         Determine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, identity and access management (IAM) and cyber products and services

·         Develop standards and practices for data encryption and tokenization in the organization, based on the organization's data classification criteria

·         Conduct or facilitate threat modeling of services and applications that tie to the risk, data and industry drivers associated with the service or application

·         Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable

·         Validate security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems for both internal and commercial utilisation

·         Review network segmentation to ensure least privilege for network access

·         Liaise with the Procurement team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data:

·         Software as a service (SaaS) providers

·         Cloud/infrastructure as a service (IaaS) providers

·         Managed service providers (MSPs)

·         Payroll providers

·         Evaluate the statements of work (SOWs) for these providers to ensure that adequate security protections are in place. Assess the providers' SSAE 16 SOC 1 and SOC 2 audit reports for security-related deficiencies and required "user controls"

·         Support the testing and validation of internal and commercial security controls, as directed by the Director, Security Engineering

·         Review security technologies, tools and services, and make recommendations to the broader security and product development teams for their use

·         Liaise with other security architects and security practitioners to share best practices and insights

 

Education/Qualifications

·         A bachelor's or master's degree in computer science, information systems or other related field; or equivalent work experience.

·         CISSP, CISM, CISA or other similar credentials

·         The Zachman Framework or TOGAF

·         Knowledge of a security-specific architecture methodology (for example, SABSA).

 

Required Experience

·         Seven to 10 years of combined IT and security work experience, with a broad exposure to infrastructure/network and multiplatform environments.

·         Expert knowledge of security issues, techniques and implications across all existing computer platforms, including datacenter, networks, cloud (IaaS/PaaS/SaaS), micro-services and emerging/maturing technology platforms.

·         Proven ability in security process and organizational design

·         Knowledge and a passion for IOT, embedded devices/systems is an advantage

 


This job has now been filled but you may be interested in:

 

IAM Specialist

Do you want to join an award winning FinTech team that is challenging the way the world pays!? We are looking for an IAM Specialist/Developer who is proficient in using Java Script.

Our client has an important mission to change and connect the world. They value their teams and the tens of thousands of people that work for them by striving to make every effort to accommodate for every individuals needs.

The Role

  • You'll work with and take direction from IAM Security Architects to help achieve the goals of the Security Architecture and IAM Programs.
  • Design and will assist with the implementation and optimization of Identity and Access Management solutions for systems and infrastructure used by internal staff.
  • Review and evaluate solutions for enterprise and business use.
  • You'll be working on an array of technologies that may include:
  • Web Access Management using standard solutions such as CA SSO/SiteMinder, Oracle Access Manager, ForgeRock, etc.
  • Single Sign-on and Federation using standard protocols and frameworks such as Kerberos, SPNEGO, SAML 2.0, ADFS, OpenID Connect, etc.
  • Privileged Access Management using solutions such as CA PAM/Xceedium Gatekeeper, BeyondTrust PowerBroker, Dell Privilege Manager, Managed sudo, etc.
  • Two-Factor Authentication
  • Familiar with modern deployment - Docker, Mesos
  • Strong technical competency and experience in the IAM domain
  • Gained good experience as a solid hands-on programmer/developer with specialization in Java and J2EE. Bean Shell, knowledge of SailPoint Java Objects exposed through application
  • Gained solid experience in developing and customising any of the IAM solutions such as Sailpoint IIQ, OIM, TIM, Forgerock, etc...
  • Strong experience in IT Security/IAM and thereby able to demonstrate a high level of technical ability in implementation and design of the IAM solutions
  • Database: SQL (Strong SQL Skills)
  • Experience with LDAP and AD
  • Experience with Unix Systems (Solaris, AIX, Linux)
  • Experience with web technologies: XML, SPML, SOAP, REST, HTML, Web and Application Servers.

If you want to be apart of a team who can fund and develop your ideas and provide you with industry recognised training then apply now!

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

Senior Security Architect

Are you looking for a position of importance? My client is looking for a Senior Security Architect to help provide resilience across their Cyber teams to ensure they maintain operational capability in the current security landscape.

This role you will be reporting to the Director of Security Architecture and Engineering and you will be responsible for the growth and management of my client's architecture enterprise. You will use your expertise to help support the Architecture goals of the business.

The Role

  • You will work in close proximity to other security teams to help establish system boundaries and weaknesses, current or potential risks and their impact.
  • Ensure principles that support the current life Cycle
  • Support the development of risk management processes and program protection planning
  • Implement service management concepts for networks and related
  • Apply the methods, standards, and approaches for describing, analyzing, and documenting an organization's enterprise information technology
  • Develop and apply cyber security, privacy principles, and organizational requirements.
  • Develop cross domain solutions for multi-level security systems that support confidentiality, integrity, and availability requirements.
  • Collaborate in the development of cloud service models and effectively communicate possible limitations for an incident response Network Security
  • Apply network security architecture concepts including topology, protocols, components, and principles
  • Collaborate with the appropriate entities to determine how a security system should work and how changes in conditions, operations, or the environment will affect these outcomes
  • Assist in the development of network design processes, to include communication of security objectives, with consideration to operational objectives, and trade-offs.
  • Perform capabilities and requirements analysis.
  • Develop information security rules and enterprise security requirements that describe baseline and target architectures.
  • Translate operational requirements into protection needs
  • Determine and communicate cyber threats and vulnerabilities, and any operational impacts of cyber security lapses
  • Implement vulnerability assessment tools
  • Apply Personally Identifiable Information data security standards in accordance with laws, regulations, policies, and ethics as they relate to cyber security and privacy.

This is a unique opportunity to be apart of a global organisation and help implement changes that will secure the future of not only the Architecture team but of the entire enterprise. If this sounds like you apply now!

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.