19th January 2023
Senior IT Security Architect
Architecture
London
Up to £750 per day (inside IR35)
Senior IT Security Architect
London Docklands/Hybrid
Up to £750 per day (inside IR35)
3 month+ contract
On behalf of a Docklands based financial services client, I am seeking a Senior IT Security Architect with the ability to conduct the required architectural analysis and design in line with the business’s security strategy.
Due to the organisation operating a Hybrid work model, you must be within commutable distance of their Docklands offices and willing to be office based at least one day per week.
Responsibilities:
- Support the Security Architecture team to implement the Security Architecture Strategy and Framework across the business.
- Collaborate with Enterprise Architecture/Technology to provide and recommend effective solutions meeting requirements of the business through effective control of security risks and countering the threat landscape.
- Partner with multiple divisions and technical managers to maximize the effectiveness of Security Architecture requirements in the implementation of products, environments and services.
- Support the analysis of potential weaknesses and identifying recommendations to improve the security of all services across the business.
- Provide technical security advice, guidance, design and review in support of all business-related products and services, reporting to a Security Architecture Manager.
- Work closely with Enterprise Architecture in the effective delivery of solutions
- Provide direction and advice on projects related to security portfolio to strengthen the overall cybersecurity posture.
- Assess SaaS and IaaS cloud services and virtualization technologies and provide direction and input for the maturation of the Cloud Security Framework where necessary.
- Keep informed of new and updated industry frameworks and regulations: GDPR, ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA.
- Keep informed of new and emerging security threats & assess effectiveness of current controls to identify opportunities for program improvement.
Experience/skillset required:
- 5+ years security architecture expertise with broad understanding of multiple security domains.
- Experience of working across Security Infrastructure and Networks.
- Strong documentation and report writing skills (to both technical and business audiences)
- Knowledge of policy frameworks and understanding of policies, procedures, guideline structure.
- Knowledge of firewalls, IPS, DLP, proxies, SEIM, & endpoint protection software.
- Security certifications such as CISSP, CISA, CRISC, SABSA, GIAC, CCSP, CCSK or equivalent is preferred.
- Knowledge of Risk Management life cycles based on an established framework: ISO 27001, SANS, NIST SP 800-53.
- Working knowledge of the following frameworks and regulations: ISO 27001/2, SANS Top 20 Critical Security Controls, NIST CSF, and FFIEC handbook, Cloud Security Alliance CCM.
Consultant - Brendan Connolly
Telephone: 0207 392 7512
Email: brendan.connolly@spencer-rose.com
Share This Position