Principal Security Architect
Posted on Oct 1, 2024 by CV-Library
Cambridge, Cambridgeshire, United Kingdom
Other
Immediate Start
Annual Salary
Part-Time
Job Overview:
The role will spend time helping teams come up to speed with refreshed approaches to security requirement identification, threat modelling, coding standards, and security testing, with a focus on applying these concepts to traditional and modern infrastructure in green-field and existing deployments. It will involve taking insight from these activities to advise and construct the 'middleware' that makes the right security choices easier to make and implement for responsible teams.
As our GRC world evolves, this role will play a pivotal role in maintaining alignment between SDL and policies, standards and guidelines, using a common security framework to apply consistency.
Finally, you will add to our general capacity for security consulting and reviews, including assisting GRC teams where required.
Responsibilities:
- Maintain and develop standards and guidance that builds SDL maturity in the IT team
- Help traditional infrastructure teams develop strategies for meeting the spirit of SDL requirements, pushing towards use of automation, infrastructure-as-code, & DevOps methods rather than manual or golden image techniques
- Develop implementation-specific architecture templates that meet security requirements expressed in policy and standards
- Assist with security reviews of and technical recommendations into high-level and low-level designs where required
- Assist with GRC consultation queries where required
- Invest in others, including application development and infrastructure teams, to support business applications and processes in new ways.
- Afford mentorship regarding solutions and concepts.
- Further a culture of innovation within the architecture and broader IT team.
Required Skills and Experience:
- Ability to align security frameworks with organisation security policies, and to craft corresponding security controls (whether implemented by technology or process)
- Proven experience implementing SDL in non-software contexts, including infrastructure.
- Experience with Infrastructure-as-Code (IaC) and automation through DevOps, and tools such as Jenkins, Terraform, and Ansible.
- Prior experience working with recognised security frameworks from ISO, NIST, etc, and with neutral / harmonisation frameworks like UCF (Unified Compliance Framework).
- Solid technical understanding of both on-premise infrastructure (network, platform, network-based storage, OS, virtualisation), cloud infrastructure (AWS, GCP, Azure, and others), and technologies found in both (e.g. docker, Kubernetes).
“Nice To Have” Skills and Experience:
- Bachelor's degree in computer science, information technology, or a related field; or equivalent experience/professional/industry certifications.
- Understanding of identity & access management for both people & systems.
- Understanding of software engineering.
- Exposure to large enterprise platforms such as SAP and Salesforce.
- Knowledge of Arm based compute & software.
- Relevant industry / vendor certifications.
- A passion for optimisation and automation, and a desire to motivate change!
- Strong motivation and drive, with the ability to operate across multiple projects simultaneously, including those that span geographies!
In Return:
We offer exciting and interesting work in global and diverse team. Arm's growth trajectory will ensure career progression and the opportunity to have a significant impact on our success.
#LI-JW
The role will spend time helping teams come up to speed with refreshed approaches to security requirement identification, threat modelling, coding standards, and security testing, with a focus on applying these concepts to traditional and modern infrastructure in green-field and existing deployments. It will involve taking insight from these activities to advise and construct the 'middleware' that makes the right security choices easier to make and implement for responsible teams.
As our GRC world evolves, this role will play a pivotal role in maintaining alignment between SDL and policies, standards and guidelines, using a common security framework to apply consistency.
Finally, you will add to our general capacity for security consulting and reviews, including assisting GRC teams where required.
Responsibilities:
- Maintain and develop standards and guidance that builds SDL maturity in the IT team
- Help traditional infrastructure teams develop strategies for meeting the spirit of SDL requirements, pushing towards use of automation, infrastructure-as-code, & DevOps methods rather than manual or golden image techniques
- Develop implementation-specific architecture templates that meet security requirements expressed in policy and standards
- Assist with security reviews of and technical recommendations into high-level and low-level designs where required
- Assist with GRC consultation queries where required
- Invest in others, including application development and infrastructure teams, to support business applications and processes in new ways.
- Afford mentorship regarding solutions and concepts.
- Further a culture of innovation within the architecture and broader IT team.
Required Skills and Experience:
- Ability to align security frameworks with organisation security policies, and to craft corresponding security controls (whether implemented by technology or process)
- Proven experience implementing SDL in non-software contexts, including infrastructure.
- Experience with Infrastructure-as-Code (IaC) and automation through DevOps, and tools such as Jenkins, Terraform, and Ansible.
- Prior experience working with recognised security frameworks from ISO, NIST, etc, and with neutral / harmonisation frameworks like UCF (Unified Compliance Framework).
- Solid technical understanding of both on-premise infrastructure (network, platform, network-based storage, OS, virtualisation), cloud infrastructure (AWS, GCP, Azure, and others), and technologies found in both (e.g. docker, Kubernetes).
“Nice To Have” Skills and Experience:
- Bachelor's degree in computer science, information technology, or a related field; or equivalent experience/professional/industry certifications.
- Understanding of identity & access management for both people & systems.
- Understanding of software engineering.
- Exposure to large enterprise platforms such as SAP and Salesforce.
- Knowledge of Arm based compute & software.
- Relevant industry / vendor certifications.
- A passion for optimisation and automation, and a desire to motivate change!
- Strong motivation and drive, with the ability to operate across multiple projects simultaneously, including those that span geographies!
In Return:
We offer exciting and interesting work in global and diverse team. Arm's growth trajectory will ensure career progression and the opportunity to have a significant impact on our success.
#LI-JW
Reference: 222413272
https://jobs.careeraddict.com/post/95687424
Principal Security Architect
Posted on Oct 1, 2024 by CV-Library
Cambridge, Cambridgeshire, United Kingdom
Other
Immediate Start
Annual Salary
Part-Time
Job Overview:
The role will spend time helping teams come up to speed with refreshed approaches to security requirement identification, threat modelling, coding standards, and security testing, with a focus on applying these concepts to traditional and modern infrastructure in green-field and existing deployments. It will involve taking insight from these activities to advise and construct the 'middleware' that makes the right security choices easier to make and implement for responsible teams.
As our GRC world evolves, this role will play a pivotal role in maintaining alignment between SDL and policies, standards and guidelines, using a common security framework to apply consistency.
Finally, you will add to our general capacity for security consulting and reviews, including assisting GRC teams where required.
Responsibilities:
- Maintain and develop standards and guidance that builds SDL maturity in the IT team
- Help traditional infrastructure teams develop strategies for meeting the spirit of SDL requirements, pushing towards use of automation, infrastructure-as-code, & DevOps methods rather than manual or golden image techniques
- Develop implementation-specific architecture templates that meet security requirements expressed in policy and standards
- Assist with security reviews of and technical recommendations into high-level and low-level designs where required
- Assist with GRC consultation queries where required
- Invest in others, including application development and infrastructure teams, to support business applications and processes in new ways.
- Afford mentorship regarding solutions and concepts.
- Further a culture of innovation within the architecture and broader IT team.
Required Skills and Experience:
- Ability to align security frameworks with organisation security policies, and to craft corresponding security controls (whether implemented by technology or process)
- Proven experience implementing SDL in non-software contexts, including infrastructure.
- Experience with Infrastructure-as-Code (IaC) and automation through DevOps, and tools such as Jenkins, Terraform, and Ansible.
- Prior experience working with recognised security frameworks from ISO, NIST, etc, and with neutral / harmonisation frameworks like UCF (Unified Compliance Framework).
- Solid technical understanding of both on-premise infrastructure (network, platform, network-based storage, OS, virtualisation), cloud infrastructure (AWS, GCP, Azure, and others), and technologies found in both (e.g. docker, Kubernetes).
“Nice To Have” Skills and Experience:
- Bachelor's degree in computer science, information technology, or a related field; or equivalent experience/professional/industry certifications.
- Understanding of identity & access management for both people & systems.
- Understanding of software engineering.
- Exposure to large enterprise platforms such as SAP and Salesforce.
- Knowledge of Arm based compute & software.
- Relevant industry / vendor certifications.
- A passion for optimisation and automation, and a desire to motivate change!
- Strong motivation and drive, with the ability to operate across multiple projects simultaneously, including those that span geographies!
In Return:
We offer exciting and interesting work in global and diverse team. Arm's growth trajectory will ensure career progression and the opportunity to have a significant impact on our success.
#LI-JW
The role will spend time helping teams come up to speed with refreshed approaches to security requirement identification, threat modelling, coding standards, and security testing, with a focus on applying these concepts to traditional and modern infrastructure in green-field and existing deployments. It will involve taking insight from these activities to advise and construct the 'middleware' that makes the right security choices easier to make and implement for responsible teams.
As our GRC world evolves, this role will play a pivotal role in maintaining alignment between SDL and policies, standards and guidelines, using a common security framework to apply consistency.
Finally, you will add to our general capacity for security consulting and reviews, including assisting GRC teams where required.
Responsibilities:
- Maintain and develop standards and guidance that builds SDL maturity in the IT team
- Help traditional infrastructure teams develop strategies for meeting the spirit of SDL requirements, pushing towards use of automation, infrastructure-as-code, & DevOps methods rather than manual or golden image techniques
- Develop implementation-specific architecture templates that meet security requirements expressed in policy and standards
- Assist with security reviews of and technical recommendations into high-level and low-level designs where required
- Assist with GRC consultation queries where required
- Invest in others, including application development and infrastructure teams, to support business applications and processes in new ways.
- Afford mentorship regarding solutions and concepts.
- Further a culture of innovation within the architecture and broader IT team.
Required Skills and Experience:
- Ability to align security frameworks with organisation security policies, and to craft corresponding security controls (whether implemented by technology or process)
- Proven experience implementing SDL in non-software contexts, including infrastructure.
- Experience with Infrastructure-as-Code (IaC) and automation through DevOps, and tools such as Jenkins, Terraform, and Ansible.
- Prior experience working with recognised security frameworks from ISO, NIST, etc, and with neutral / harmonisation frameworks like UCF (Unified Compliance Framework).
- Solid technical understanding of both on-premise infrastructure (network, platform, network-based storage, OS, virtualisation), cloud infrastructure (AWS, GCP, Azure, and others), and technologies found in both (e.g. docker, Kubernetes).
“Nice To Have” Skills and Experience:
- Bachelor's degree in computer science, information technology, or a related field; or equivalent experience/professional/industry certifications.
- Understanding of identity & access management for both people & systems.
- Understanding of software engineering.
- Exposure to large enterprise platforms such as SAP and Salesforce.
- Knowledge of Arm based compute & software.
- Relevant industry / vendor certifications.
- A passion for optimisation and automation, and a desire to motivate change!
- Strong motivation and drive, with the ability to operate across multiple projects simultaneously, including those that span geographies!
In Return:
We offer exciting and interesting work in global and diverse team. Arm's growth trajectory will ensure career progression and the opportunity to have a significant impact on our success.
#LI-JW
Reference: 222413272
Share this job:
Alert me to jobs like this:
Amplify your job search:
Expert career advice
Increase interview chances with our downloads and specialist services.
Visit Blog