Security Architect | QRadar | £500 - £700/day | Home Based

Description

Security Architect | QRadar | £500 - £700/day | Home Based

The role of Security Architect comprises the following responsibilities:
Operational Handover

• Assessment of workstream changes to identify new areas of security concern and report to Threat Analyst/Risk Management lead (Security Operations Team) to reach a suitable approach that will be acceptable for live service.
• Creation and ownership of QRadar Use Cases and log source specifications for future workstream changes and support delivery into QRadar
• Ownership of existing workstream based Security Risks and Issues and co-ordinate mitigation delivery and facilitate handover acceptance by Security Operations Team
• Oversee the delivery of risk mitigation actions and update the TDA on changes to risk profile as a result of those actions and agreement in principal from the Security Operations Team
• Act as the liaison between the TDA and the Security Operations Team for appropriate Security Review Board approvals.

Workstream Security Architecture

• Form a close working relationship with the Application architects and provide advice and guidance on security challenges in the solution.
• Assess solution documents for security risks and surface, document and mitigate where appropriate.
• Actively participate in the TDA to ensure that the Technical design delivers a secure solution in accordance with Best Practice and Contractual commitments for ESR.
• Produce the risks register for that workstream on a release by release basis for assessment and facilitate approval within the SRB/Security Operations Team.
• Ensure existing, carried forward, risks are actively owned and addressed in the current workstream.
• Define and document Penetration testing scope aligned with release change, and facilitate the testing, review, and project mitigations required from the test. Liaise with Security Operations Team on delivery of the penetration test and co-ordinate with appropriate project resources to enable success.
• Encapsulate Technical solutions to address Security within the solution into Architectural Decisions for consideration and approval at the TDA meeting.
• Support the workstream project gate process and ensure, with support from the workstream team members, all appropriate security artifacts are available in time for the release

Key Deliverables

• SOC Use cases
• Penetration test scope document
• Architectural Decisions as appropriate