Security Architect - SC Cleared
Posted on Jun 26, 2021 by Barclay Simpson Recruitment
Information Security Architect required for a central government department. The role will be programme focused and will centred on providing direct support to the delivery of the Cyber Security Programme (CSP), one of the departments core strategic initiatives focused on the protection of organisational systems and data/information assets from cyber-attacks.
- Lead the review of architectures and designs proposed by suppliers as part of the CSP, including cyber security specific solutions being implemented by virtue of the programme scope, connected infrastructure and network components, end-to-end data flows etc.
- Responsible for providing cyber related guidance and support to project delivery teams and consulting partners appointed to the CSP in particular to ensure alignment with any applicable organisational security and operational standards relating to technical architecture/design, the emerging target security architecture/capability model and the defined functional and non-functional requirements (where applicable).
- Collaborate cross-functionally with teams throughout the organisation (both in M&D and in other Gov departments) to ensure that planning for the adoption of any new/existing security controls is promoted in terms of integration for all relevant systems, applications, network devices, web interfaces, tools etc.
- Work closely with the organisation's security experts (eg CISO, Security Architect, Security Operations Lead etc.) to support the adoption of industry good practice and the implementation of the latest cyber security innovations throughout Gov department.
- Oversee the analysis of technical concerns/issues raised on the programme in a risk-based manner, to help key stakeholders across the Gov department make informed decisions about the direction and intent of the various CSP initiatives and their ability to achieve successful outcomes.
- Subject matter expert in practices and technologies associated with the design and realisation of secure architectures and solution designs
- A clear understanding of the relevant domains across the technical security spectrum, including Infrastructure/Network Security, Vulnerability Management, Identity & Access Management, Logging & Monitoring, Encryption, Cloud Security, Data Loss Prevention etc.
- Technical writing and documentation of risks Information security standards (PCI DSS, PII, CPNI, NIST Framework, ISO 27000-series, SANS, OWASP)
- Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner.
- Ability to collaborate and communicate effectively and respectfully
- Must be organized, have strong attention to detail and work independently
- Stay current on security industry trends, attack techniques, mitigation techniques, security technologies and new and evolving threats to the organization
- Maintain the utmost level of professional discretion at all times
As an ideal candidate, you will have an industry certification such as CISSP/CISM/CRISC and SABSA/TOGAF and have expert knowledge of Security Architecture. You will also have a proven track record of delivery in a similar role and meet all the required competencies. Experience in government departments is highly advantageous but not essential. Must have existing SC clearance.