Description
Security Architect X2
Location: Hampshire (On Site, very little remote work)
Employment Type Contractor
Duration - 12 Month initial
Security Clearance Level DV
Daily rate - £650 - £750 DOE Inside IR35
The Security Architect will work as part of my Clients Development Teams, reporting to the Development Team Lead, and will be responsible for the design, documentation and assurance of security controls in the networks, workplace, platform and applications services, helping to ensure that the information security is proportionately maintained through the life of the system.
Key Responsibilities:
Understands the business and information risk context, and propose architectures and countermeasures to mitigate risks from solutions
Works closely with information risk advisors, accreditors, solution architects and system engineers to enable secure definition, delivery and configuration of ICT systems
Analyses existing and proposed technical architecture for security risk, applying secure architecture principles and practices to assure technical architectures
Assures implementation of security controls to mitigate risks
Provides expert technical advice to support the design and development secure architectures
Inputs detail on security control implementations and testing into to security risk management tooling
Supports security consultants by providing security control details, any gaps, and provide evidence of implementations.
Supports the Security Lead in wider operational security delivery including advocating a strong security culture and training to new joiners
Works with wider business stakeholders including customers, suppliers, and internal teams to ensure successful project delivery.
Advises on appropriate security controls to mitigate security architecture risks
Essential Skills:
Information Security experience within a large organization
Ability to articulate and pitch security advice, often at a technical level, directly to key customer stakeholders
Hands-on experience of architecting secure solutions
Experience of designing and/or implementing security controls using Microsoft standard tooling in a large organization
A clear understanding of UK Government Security Frameworks including the Security Policy Framework and NCSC Good
Practice guidance
Experience in providing advice on data protection, information security and business continuity
Desirable Skills:
Experience working in MOD security delivery projects
CISA, CISSP, CISM, or CIA would be highly desirable or equivalent experience
Experience using security risk management tooling
Good working knowledge of security related JSPs
Technical experience in IDAM technologies and architectural frameworks
Network security architecture principles such as network zoning and segmentation