Senior Security Architect

The role of the Senior Security Architect is within the Security Architecture and Engineering function and will need to provide leadership in the development, communication and application of our client's enterprise security architecture and engineering road-maps. They will work closely with and guide the security engineering team, to ensure that our client's cyber security capabilities are fit for purpose and provide effective protection for our client's products, services and technologies., * Define the future enterprise security capabilities required to mitigate new and evolving threats to our client's products, services, and technologies.

• Own, communicate and collaboratively develop the business target enterprise security architecture to meet our client's cyber strategy and policies
• Ensuring alignment of the cyber security architecture and security engineering road-maps with wider business technology strategies
• Provide and maintain alignment of security capabilities to our client's security policies and external control frameworks/standards, such as NIST CSF, ISO27001
• Support business case development including scoping, justifying and sequencing any proposed projects required to develop the security capability in line with our client's requirements and goals
• Develop security engineering roadmaps to support the introduction or enhancement of target security products, services, and software
• Develop and maintain security architecture artefacts (e.g., models, templates, standards, patterns & procedures) that can be used to leverage security capabilities in projects and operations
• Track developments and changes to our client's threat landscape to ensure that they're adequately addressed in the target enterprise security architecture and security architecture artefacts
• Participate in application and infrastructure projects, and commercial product/service development activities to provide security design and consultancy advice
• Draft security procedures and standards to be reviewed and approved
• Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
• Support the testing and validation of internal and commercial security controls, as directed by the Head of Security Architecture
• Liaise with other security architects, security engineers and security practitioners to share best practices and insights

• A bachelor's or master's degree, or equivalent in computer science, information systems or another related field; or equivalent work experience is desired
• Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is desired
• Formal training in a relevant enterprise architecture methodology (e.g. SABSA or TOGAF)
• Combined IT and security work experience, with a broad exposure to infrastructure/network and multiplatform environments
• Expert knowledge of security issues, techniques and implications across all existing computer platforms, including data-centre, networks, cloud (IaaS/PaaS/SaaS), micro-services and emerging/maturing technology platforms
• Knowledge of a security-specific architecture methodology (for example, SABSA).
• Knowledge or exposure to Cloud technologies, such as IaaS, SaaS & PaaS deployments, with detailed knowledge of Azure & AWS being highly desirable
• Experience or exposure to projects involving the UK MoD and/or HMG Standards
• 5+ years working as a Security Architect or can demonstrate equivalent experience
• 3+ years' experience in Enterprise Security Architecture development and implementation
• Must be eligible to work in this location advertised.
• Individuals with SC clearance or who are eligible to apply for SC are highly desirable

Additional requirements for Security Architect (Network & Telecommunication)

• Combined IT, Network and security work experience, with a broad exposure to infrastructure/network and multiplatform environments
• Knowledge of TCP/IP stack, standard networking protocols, encryption technologies
• Knowledge of cloud-based network and security technologies and principles
• Expertise in network security areas including firewalling, application firewalling, IDS/IPS, NAC, threat intelligence, DDoS Mitigation, proven experience in configuration and administration of security devices from leading vendors
• Experience in supporting design and implementation of secure third party access or interconnecting alien networks with on-premises networks
• Knowledge of secure implementation of application-layer controls including web content filtering proxy, reverse / forward proxy