This job is no longer available.
You can view related vacancies or set-up an email alert notification when similar jobs are added to the website using the buttons below.

Security Architect

JK190917
£75000-£90000 + bonus + benefits

Blackthorn Trace have partnered with a global leader within the Telecoms industry looking to increase the Security Architecture team. The main drive behind this urgent need is down to the ever growing cyber threats, the increase in cyber products being created within their commercial offerings and the organisation recognising the value of formal security architecture processes at an enterprise level.

The security architect plays an integral role in defining and assessing the organisation's security strategy, architecture and practices. The security architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.

 

Responsibilities

·         Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology, threat and customer drivers

·         Develop security strategy plans and roadmaps based on sound enterprise architecture practices

·         Develop and maintain security architecture artifacts that can be used to leverage security capabilities in projects and operations

·         Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts

·         Participate in application and infrastructure projects, and commercial product/service development activities to provide security-planning advice

·         Draft security procedures and standards to be reviewed and approved

·         Determine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, identity and access management (IAM) and cyber products and services

·         Develop standards and practices for data encryption and tokenization in the organization, based on the organization's data classification criteria

·         Conduct or facilitate threat modeling of services and applications that tie to the risk, data and industry drivers associated with the service or application

·         Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable

·         Validate security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems for both internal and commercial utilisation

·         Review network segmentation to ensure least privilege for network access

·         Liaise with the Procurement team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data:

·         Software as a service (SaaS) providers

·         Cloud/infrastructure as a service (IaaS) providers

·         Managed service providers (MSPs)

·         Payroll providers

·         Evaluate the statements of work (SOWs) for these providers to ensure that adequate security protections are in place. Assess the providers' SSAE 16 SOC 1 and SOC 2 audit reports for security-related deficiencies and required "user controls"

·         Support the testing and validation of internal and commercial security controls, as directed by the Director, Security Engineering

·         Review security technologies, tools and services, and make recommendations to the broader security and product development teams for their use

·         Liaise with other security architects and security practitioners to share best practices and insights

 

Education/Qualifications

·         A bachelor's or master's degree in computer science, information systems or other related field; or equivalent work experience.

·         CISSP, CISM, CISA or other similar credentials

·         The Zachman Framework or TOGAF

·         Knowledge of a security-specific architecture methodology (for example, SABSA).

 

Required Experience

·         Seven to 10 years of combined IT and security work experience, with a broad exposure to infrastructure/network and multiplatform environments.

·         Expert knowledge of security issues, techniques and implications across all existing computer platforms, including datacenter, networks, cloud (IaaS/PaaS/SaaS), micro-services and emerging/maturing technology platforms.

·         Proven ability in security process and organizational design

·         Knowledge and a passion for IOT, embedded devices/systems is an advantage

 


This job has now been filled but you may be interested in:

 

Senior Cyber Security Consultant

If you have expertise in both IT and Cyber Security client facing roles this is your chance to be apart of a successful MSSP.

You will work in with your teams and clients to build up all the key elements of the company to develop their Cyber strength and to ensure your work is sustained.

You will have the opportunity to work on challenging projects, spanning all security domains for various end clients on a global scale. You must be willing to travel both nationally and internationally to meet with Clients if the need arises.

Individual learning plans and course funding is an incentive my client is not shy on throwing out. .

Key Responsibilities:

To manage and deliver cyber security projects. You will also lead engagements, manage project deliverables, timescales, budgets and client relationships.

To apply an excellent breadth of cyber security domain knowledge to consulting engagements, helping organisations to understand their cyber security challenges;

An ability to write reports to a high level is also required.


The successful candidate will:

  • Maintain a strong understanding of all information security domains;
  • Have comprehensive knowledge of industry standards such as NIST 800-53, SANS 20 CSC, ISO 2700 Series, PCI DSS, GDPR;
  • Possess strong presentation and communication skills and be comfortable discussing cyber security topics with non-technical and business audiences;
  • Have a good grasp of IT and information security technologies and products;
  • Able to interface with clients of all levels;
  • Be proactive, flexible and willing to travel globally.

Qualifications and certifications

  • 2 years of cyber security consulting experience (client facing);
  • CISSP required;
  • Security certifications (CISM, CISA, CRISC, CCISO etc.) are desirable.

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

Cyber Security Engineer

My client is looking for a quick thinking and confident engineer to work on industry changing projects and for someone to work alongside the CSIRT to provide quick fixes to disrupt live attacks.

Key responsibilities:

  • Producing detailed designs for the build and configuration of cyber security solutions.
  • Producing integration designs for operational security management systems.
  • Developing new security technologies, and delivering them into operational environments.
  • Producing delivery plans and cost models within a continuous development lifecycle.
  • Conducting technology trials and proofs-of concepts.
  • Developing security technology roadmaps and engineering standards.
  • Working alongside the CSIRT

Essential

  • Minimum of 2 years experience in a cyber security engineer role
  • Experience with Java.
  • Experience producing security system designs from a defined set of requirements; such as Identity Management and Key Management Systems.
  • Managing technical requirements in waterfall and agile delivery.
  • Installing and configuring virtualisation technologies.
  • Ability to read and understand raw system data including security event logs, system logs, application logs, and device logs.
  • A good knowledge of TCP/IP networks, including the technologies and protocols commonly used in local area and wide area networks.
  • A good working knowledge of a variety of security technologies; such as cryptographics, host intrusion, network and application firewalls.
  • A basic knowledge of common application and infrastructure architectures.
  • Excellent collaboration and communication skills.

Desirable

  • BSc in Computer Sciences, Mathematics or Engineering (min 2:1)
  • Experience installing and configuring both Windows and Linux server operating systems, including ability to script in Bash and/or PowerShell.
  • Experience working with Jenkins, Docker and Kebernetes in a CI Pipeline.
  • CISSP, GPEN and CISM, CompTIA Network or CCNA.
  • Security vendor certifications, such as Checkpoint, ArcSight, Fortinet and TrendMicro.
  • Familiarity with security standards.

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.

Senior Cyber Security Consultant

If you have expertise in both IT and Cyber Security client facing roles this is your chance to be apart of a successful MSSP.

You will work in with your teams and clients to build up all the key elements of the company to develop their Cyber strength and to ensure your work is sustained.

You will have the opportunity to work on challenging projects, spanning all security domains for various end clients on a global scale. You must be willing to travel both nationally and internationally to meet with Clients if the need arises.

Individual learning plans and course funding is an incentive my client is not shy on throwing out.

Key Responsibilities:

To manage and deliver cyber security projects. You will also lead engagements, manage project deliverables, timescales, budgets and client relationships.

To apply an excellent breadth of cyber security domain knowledge to consulting engagements, helping organisations to understand their cyber security challenges.

An ability to write reports to a high level is also required.


The successful candidate will:

  • Maintain a strong understanding of all information security domains;
  • Have comprehensive knowledge of industry standards such as NIST 800-53, SANS 20 CSC, ISO 2700 Series, PCI DSS, GDPR;
  • Possess strong presentation and communication skills and be comfortable discussing cyber security topics with non-technical and business audiences;
  • Have a good grasp of IT and information security technologies and products;
  • Able to interface with clients of all levels;
  • Be proactive, flexible and willing to travel globally.

Qualifications and certifications

  • 2 years of cyber security consulting experience (client facing);
  • CISSP required;
  • Security certifications (CISM, CISA, CRISC, CCISO etc.) are desirable.

Huntress Search Ltd does not discriminate on the grounds of 'protected characteristics' as defined under the Equality Act and other relevant UK legislation.

Huntress Search Ltd acts as a Recruitment Agency in relation to all Permanent roles and as a Recruitment Business in relation to all Temporary roles.

PLEASE NOTE: We can only consider applications from candidates who have the right to work in the UK.