Description
Location: Remote Working/1 day travel to London office (post-Covid)
Work Pattern: Contract - 6 months (with the option to extend further)
Clearance: Active SC Clearance/SC Cleared
The Company
We are a specialist Data Engineering, Cloud and Analytics consultancy focused on supporting our clients in successfully delivering on their digital transformation programmes. Our aim is to ensure we deliver value from our client's data using innovative approaches that improve their data capabilities, analytics, and data governance.
With demand for our services from our clients at an all-time high and continuous growth and success within our market sector, we are embarking on a major recruitment drive and keen to recruit an experienced Security Architect to join our project delivery team.
The Role
We are working for a high-profile client, comprised of multiple agile, lean teams who together provide a platform and services to collect, evaluate and analyse customer interaction data.
Our teams build a timeline of our users' digital interactions, then enhance it with supplementary data and data insights. This data is crucial to our understanding of our customers and their behaviours, underpinning service improvements, security, MI/BI, fraud detection and prevention across our organisation. Confidentiality, integrity, and availability of our data is core to our mission.
As the Security Architect, you will be work closely alongside our service teams to make security simple within our organisation. You will work to build in security controls, defaults and improve practices so that the DevSecOps and data security become the norm across our data products and services.
In doing so you will need to change our environment so that individual engineers are less burdened by security, and it becomes an easy thing to do. You will therefore need to provide support and guidance to all our engineers, whilst empowering teams to make our organisation better.
As such you'll be someone who can bring people together and align them around common strategies and practices. As the Security Architect, you will be forward looking and constantly considering new capabilities, tools, and strategies to support us.
You will be able to quickly assess our current platform and define and prioritise an improvement strategy based on customer value. You will need to work closely with our Data and Technical Architects to ensure security is first class in our strategies and deliveries, as well as is sufficiently represented in team roadmaps. As the Security Architect, you will be responsible for ensuring the confidentiality, integrity, and availability of our data. You will also need to be able to represent our organisation to our external senior stakeholders as appropriate, building relationships and buy-in to security practices
Knowledge & experience:
- Experience of designing software for public cloud
- Experience of mentoring and coaching members of a team and wider community
- Experience with Continuous Security, Continuous Integration and Continuous Delivery techniques
- Experience working in data security and specifically in the confidentiality, integrity and availability of data
- Experience automating security practices and security testing
- Demonstrated experience building consensus in team and with stakeholders
- GDPR
- Solid software and/or data engineering background
- Strong grasp of Cyber Security Engineering principles
- Knowledge of security standards and regulations (eg, NCSC, ISO, SoC, NIST, PCI)
- Expertise in identifying security issues in existing system designs
- Experience of network security
- Familiar with OWASP tools and guidance (eg, ASVS)
- Experience in working across multiple engineering teams to improve security
- Threat modelling
- Working in a data environment
- Platform/governance as code ie, building security governance into code
- Experience in working with Agile Technical practices
- Experience in working with microservice architectures and Cloud technologies including AWS
- Experience in shaping and championing security best practices
- Strong stakeholder management experience - the role involves facing off against client and Senior stakeholders
- Experience in standardising approaches and design patterns
Skills & technologies
- AWS eg IAM, CloudTrail, VPC, WAF etc.
- Security automation tools
- Security engineering/code
- Data security tools
- Continuous Integration Principles
- Development and or Infrastructure Background
- Infrastructure as code knowledge
- HTTPs
- Unix/Ubuntu
- DNS + certificates
- Proxies (eg, nginx)
- SSH
- VPNs
- Network layer protocols
- SSL
- Git
Interested?
Then please get in touch by applying with your most recent copy of your CV including a contact number and we will contact you directly to discuss further.
We welcome applications from all suitably qualified people regardless of gender, race, disability, age, or sexual orientation. All applications are assessed purely on merit, against the capabilities and competencies required to fulfil the position.