Description
P2 Consulting is a Management Consultancy focused on Business Transformation and Change. We have been listed for three categories in the Best Companies to Work For in 2021. We now feature in 30 best companies to work for in London, the 30 best consultancies to work for and the 100 best small companies to work for in the UK.
We are looking for an Information Security Technical Architect to work with our Consumer Lending client. This individual will ensure the information security controls and technology solutions are delivered in line with the Banks Information Security standards. Changes within the IT Operations are to be reviewed to assess the impact on the Banks risk profile.
The Information Security Technical Architect is expected to understand complex IT systems, document security controls, and stay up to date with the latest security standards, systems, authentication protocols, and best practice security products.
KEY RESPONSIBILITIES & ACCOUNTABILITIES
- Review the security impact of technical change within low level designs, identifies design gaps, consults with engineering & operations teams and recommends security enhancements
- Provides low level design security requirements that map to high level requirements
- Perform threat modelling against proposed designs to identify, report and mitigate threat events
- Work with Security Operations to validate tooling and monitoring is in place prior to systems entering into production
- Identify improvements and ways to imbed security within development pipelines (DevSecOps)
- Provides consultancy services for reviewing any BAU changes that fall outside planned change that may have security implications
- Stays abreast of current and emerging security threats and relevant security controls to mitigate them
- Align standards, frameworks and security with overall business and technology strategy
- Identify security design gaps in proposed architectures and recommend changes or enhancements
EXPERIENCE
- Certified Information Systems Security Professional (CISSP) or Global Information Assurance Certification (GIAC)
- Consumer Lending or Retail Banking experience
- 5+ years of experience in information security
- 3+ of experience with regulatory compliance and information security management frameworks (eg, IS027000, COBIT, NIST 800, etc.)
- NIST Cybersecurity Framework
- Cloud knowledge CCSP, CCSK, Azure
- Working within Agile, DevSecOps environment