Enterprise Security Architect
Posted on Oct 6, 2021 by Barclay Simpson Recruitment
Enterprise Security Architect needed for a leading financial services firm. The role will be centred on providing technical security leadership for Security Architecture across the UK & Ireland. The Enterprise Security Architect is responsible for defining the security roadmap and ensuring that the group integrates security into the adoption and use of all new technologies and information systems. The role will support the Enterprise Architecture and Information Security functions to advance security in the group while simplifying the security technologies used.
Outline of the role:
- Providing vision and direction for our roadmap for security architecture
- Ensuring alignment of technologies to the prescribed target security architecture
- Development and embedding of standards and patterns for common security problems across the group.
- Drive simplification of the security technology estate.
- Monitoring the changing threat and security technology landscape to ensure our information security practices remain up-to-date, effective and continually improving.
- Predicting future trends and emerging threats.
- Embedding future trends and emerging threats into the group Target Architecture and Roadmap.
- Assessing the group's new and existing strategic products and systems to identify weaknesses in our information security approach, and creating improvement plans where required
- Ensuring alignment of security technologies to the group risk appetite.
- Previous architecture design role experience, either as a Security Architect or a Solution Architect with Security experience, within Financial Services or Banking.
- Lead architect experience on a large-scale security or cloud project.
- Experience of interacting with all functions both business and technical to align the requirements of a project to system and technical requirements.
- Experience in other IT disciplines (such as Business Architecture/Analysis, Technical/Infrastructure Architecture etc.) within a multi-tier environment.
- Working knowledge of IT Security tools, principles & standards, eg ISO 2700x, SANS Critical Controls, CESG 14 Cloud Security Principles, ISF Standard of Good Practice, Cobit 5, etc.
- Systems Integration & Networks, eg Firewall, Active Directory, Single Sign-on, 3rd Party Systems (Federation), multi O/S
- Data, eg Classification, MDM, Protection and Regulation (PII/GDPR, PCI-DSS, NIS Directive), Database Technologies
- DevOps best practice, eg Application Development life cycle, security functional requirements.
- Cloud, eg AWS, Azure, IBM Cloud
- Working knowledge of Enterprise Architecture frameworks eg TOGAF/Zachman
- Strong leadership and interpersonal skills
- Ability to manage and prioritise a demanding workload. Strong planning and organising skills.
- Degree Level Education
- Appropriate professional Security certifications such as CISSP, CCSP, CISM, EMCCA, AWS-CSA or TOGAF preferred but not required.
- Full membership of the Institute of Information Security Professionals (IISP) preferred but not required.
As an ideal candidate, you will have an industry certification such as TOGAF and have expert knowledge of Enterprise Architecture. You will also have a proven track record of delivery in a similar role. Experience within healthcare is highly advantageous.