Security Architect
Recruiter
Listed on
Location
Salary/Rate
Type
This job has now expired please search on the home page to find live IT Jobs.
Spring Technology is currently looking for a Security Architect. This is a 6 Month Contract based in Coventry.
To define IT solutions that meet the intended outcome of a project, programme or other architectural engagement, ensuring alignment to the IT Strategy and conforming to policies, standards, patterns and general good practice. Key accountabilities and responsibilities:
*Be able to create new security patterns which can provide guidance for projects to design a secure solution
*In depth understanding of AWS cloud architecture and services
*Be able to create security design pattern for different cloud models such as SaaS, IaaS, and PaaS that addresses, Encryption (PKI, VPNs, Symmetric and Asymmetric), Network, Vulnerability Management, Access Management, End Point Management etc.
*Enhances security team accomplishments and competence by answering technical and procedural questions for less experienced team members, teaching improved processes, mentoring team members and other operational colleagues in IT.
*Be able to articulate security control requirements to all stakeholers.
*Accountable for evaluating the solution design options based on architecture principles, security patterns and security NFRs
*Responsible for managing relationship with relevant IT and Business stakeholders
*Provide a security layer in projects/programs and embed security architecture patterns by evaluating business strategies and be able to
oResearch and assess appropriate information security standards
oConduct system security and vulnerability analyses and risk assessments
oStudy architecture/platform
oIdentify Inherent application and infrastructure risk and provide guidance on mitigating those risks
oIdentify integration issues
oPreparing cost estimates and give input around ROI and TCO
*Engage with and drive projects and programmes from a security risk aspect and suggest technology option with an understanding of people and process part in mitigating any apparent risks
*Critiquing specs for security projects (Solution Overview, Detail technical design, IT security designs etc.) and provide SME advice and suggestion for an alternate technology, process or solution if needed.
*Conducting risk assessments and being pragmatic in the approach.
*Providing assurances to project stakeholders on risk appetite of technical project work etc.
*Do the specs align with standards such as PCI-DSS, ISO 27001 and NIST standards
*Report progress of security technical control aspects of a project to line manager and articulate any risk to which needs escalation.
*Collaborate with Business Architecture on Enterprise Impact Assessment documents and to ensure alignment of technical solutions to business strategy
*Provide guidance to project managers and solution architect on architectural aspects of a project, including but not limited to:
oNon-functional requirements
oSecurity architecture
oCapacity planning
oInfrastructure servers, storage and networking
oData architecture, data migration and data transformation
oHigh level application architecture
oApplication and system interfaces supporting a Service Orientated Architecture
*Be able to suggest estimates of time required for assessing security NFRs.
*Responsible for ensuring that a security control requirement is compatible with the strategic technical architecture and corporate policies
*Liaise with third party organisations to:
oCommunicate security requirements to projects and third party stake holders involved in projects
oEnsure the third party works within the high-level security architecture framework to produce the relevant design and implementation documentation
oProvide security technical assurance for the application and infrastructure architecture by reviewing third party deliverables
oSign off all third party design documentation from security architecture aspect to ensure that it is fit for purpose and meeting NFRs
*Provide technical input to evaluation criteria for the selection of Commercial Off The Shelf products. Perform technical reviews of those products to ensure they operate on the Society's infrastructure and can be supported by Service Operations
*Work with Technical Solutions, all Developer Communities and Service Operations to:
oCommunicate the data, application, security and technical architectures to be delivered
oAchieve a successful introduction to service for the solution to be delivered
oEnsure all deviations from the solution as approved at Architecture Review Board are re-submitted for review and an appropriate decision
*Make architectural recommendations based on experience gained across a range of projects
*Keep up to date with the latest developments in the IT industry to make recommendations for how they could add benefit to the Society
*Key skills, knowledge, experience and competencies:
*Extensive knowledge of security best practices
*CISSP, CISM or equivalent security qualifications
*Technical background - security infrastructure, architecture / design
*Demonstrable knowledge of risk
*Security standards PCI, ISO 27001
*Software development lifecycle (desirable)
*Overall10 years of IT security experience out of which atleast 5 years in architecture
*Strong architecture and design skills preferably in a Service Orientated Architecture
*Broad technical skills including
oSystems analysis and design
oFull systems lifecycle
oKnowledge of leading RDBMS technologies, IT infrastructure design, SOA and BPM, integration technologies, security architectures, cloud services, financial services
*Good understanding of IT architecture modelling tools and languages such as Archimate, UML, BPMN, and TOGAF
*Proven ability to explain complex concepts in a nontechnical way
*Proven record of working with business stakeholders and communicating complex problems in a business context
Please send your CV now to apply !
Spring acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers. The Spring Group UK is an Equal Opportunities Employer.
By applying for this role your details will be submitted to Spring. Our Candidate Privacy Information Statement explains how we will use your information - please copy and paste the following link in to your browser: www.spring.com/candidate-privacy-information-statement