Security Architect


Premium Job From Spring Group Plc

Recruiter

Spring Group Plc

Listed on

22nd November 2018

Location

Coventry

Salary/Rate

£600 - £650

Type

Contract

This job has now expired please search on the home page to find live IT Jobs.

Spring Technology is currently looking for a Security Architect. This is a 6 Month Contract based in Coventry.

To define IT solutions that meet the intended outcome of a project, programme or other architectural engagement, ensuring alignment to the IT Strategy and conforming to policies, standards, patterns and general good practice. Key accountabilities and responsibilities:

*Be able to create new security patterns which can provide guidance for projects to design a secure solution

*In depth understanding of AWS cloud architecture and services

*Be able to create security design pattern for different cloud models such as SaaS, IaaS, and PaaS that addresses, Encryption (PKI, VPNs, Symmetric and Asymmetric), Network, Vulnerability Management, Access Management, End Point Management etc.

*Enhances security team accomplishments and competence by answering technical and procedural questions for less experienced team members, teaching improved processes, mentoring team members and other operational colleagues in IT.

*Be able to articulate security control requirements to all stakeholers.

*Accountable for evaluating the solution design options based on architecture principles, security patterns and security NFRs

*Responsible for managing relationship with relevant IT and Business stakeholders

*Provide a security layer in projects/programs and embed security architecture patterns by evaluating business strategies and be able to

oResearch and assess appropriate information security standards

oConduct system security and vulnerability analyses and risk assessments

oStudy architecture/platform

oIdentify Inherent application and infrastructure risk and provide guidance on mitigating those risks

oIdentify integration issues

oPreparing cost estimates and give input around ROI and TCO

*Engage with and drive projects and programmes from a security risk aspect and suggest technology option with an understanding of people and process part in mitigating any apparent risks

*Critiquing specs for security projects (Solution Overview, Detail technical design, IT security designs etc.) and provide SME advice and suggestion for an alternate technology, process or solution if needed.

*Conducting risk assessments and being pragmatic in the approach.

*Providing assurances to project stakeholders on risk appetite of technical project work etc.

*Do the specs align with standards such as PCI-DSS, ISO 27001 and NIST standards

*Report progress of security technical control aspects of a project to line manager and articulate any risk to which needs escalation.

*Collaborate with Business Architecture on Enterprise Impact Assessment documents and to ensure alignment of technical solutions to business strategy

*Provide guidance to project managers and solution architect on architectural aspects of a project, including but not limited to:

oNon-functional requirements

oSecurity architecture

oCapacity planning

oInfrastructure servers, storage and networking

oData architecture, data migration and data transformation

oHigh level application architecture

oApplication and system interfaces supporting a Service Orientated Architecture

*Be able to suggest estimates of time required for assessing security NFRs.

*Responsible for ensuring that a security control requirement is compatible with the strategic technical architecture and corporate policies

*Liaise with third party organisations to:

oCommunicate security requirements to projects and third party stake holders involved in projects

oEnsure the third party works within the high-level security architecture framework to produce the relevant design and implementation documentation

oProvide security technical assurance for the application and infrastructure architecture by reviewing third party deliverables

oSign off all third party design documentation from security architecture aspect to ensure that it is fit for purpose and meeting NFRs

*Provide technical input to evaluation criteria for the selection of Commercial Off The Shelf products. Perform technical reviews of those products to ensure they operate on the Society's infrastructure and can be supported by Service Operations

*Work with Technical Solutions, all Developer Communities and Service Operations to:

oCommunicate the data, application, security and technical architectures to be delivered

oAchieve a successful introduction to service for the solution to be delivered

oEnsure all deviations from the solution as approved at Architecture Review Board are re-submitted for review and an appropriate decision

*Make architectural recommendations based on experience gained across a range of projects

*Keep up to date with the latest developments in the IT industry to make recommendations for how they could add benefit to the Society

*Key skills, knowledge, experience and competencies:

*Extensive knowledge of security best practices

*CISSP, CISM or equivalent security qualifications

*Technical background - security infrastructure, architecture / design

*Demonstrable knowledge of risk

*Security standards PCI, ISO 27001

*Software development lifecycle (desirable)

*Overall10 years of IT security experience out of which atleast 5 years in architecture

*Strong architecture and design skills preferably in a Service Orientated Architecture

*Broad technical skills including

oSystems analysis and design

oFull systems lifecycle

oKnowledge of leading RDBMS technologies, IT infrastructure design, SOA and BPM, integration technologies, security architectures, cloud services, financial services

*Good understanding of IT architecture modelling tools and languages such as Archimate, UML, BPMN, and TOGAF

*Proven ability to explain complex concepts in a nontechnical way

*Proven record of working with business stakeholders and communicating complex problems in a business context

Please send your CV now to apply !

Spring acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. The Spring Group UK is an Equal Opportunities Employer.

By applying for this role your details will be submitted to Spring. Our Candidate Privacy Information Statement explains how we will use your information - please copy and paste the following link in to your browser: www.spring.com/candidate-privacy-information-statement

You are currently using an outdated browser.

Please consider using a modern browser such as one listed below: