Technical Security Architect

Technical Security Architect

Permanent

Reading, UK

Responsibilities:

• We need someone to Provide technical leadership to internal business and technology domains, system integration partners and suppliers, ensuring the component architecture and solution design meets the domain architecture and business outcomes.
• Produce and oversee the production and approval of component architecture, patterns and standards, high-level designs, low-level designs, test strategies, cases and plans, deployment guidelines and the transfer of solutions into operations.
• Work alongside cross-functional delivery teams including partners and vendors to support delivery throughout the delivery lifecycle and ensure solutions are delivered into production on time and meet the operational acceptance criteria.
• Ensure the delivery of the solutions conforms to contractual outcomes and timescales.
• Support the Programme and Project Manager in project planning, risk and issue management and the budgeting process.
• Ensure that there is effective capacity and performance management in place for the solutions assigned to you and ensure that the solution is incorporated into the 18-month technical and budget roadmap for our domain.

Job Experience

• Demonstrable experience of providing technical, decision making and problem-solving leadership and can demonstrate setting technical direction and quality/ standards for security architecture, design and delivery.
• Demonstrate the ability to communicate with multiple stakeholders within the organization to act as the liaison between the business, other technical communities and the 3rd party delivery teams to ensure the delivery of the business requirements. This should include the ability to convert business requirements into a technical solution and vice versa.
• Experience in working in an environment where you have managed delivery to a predetermined contractual/ business outcome at pace and know how to influence/ negotiate technical outcomes with 3rd parties including conflict resolution due to changing priorities.
• Experience should include use of and maturing security controls, particularly in the following areas:
  • Development of service-oriented architectures and designs for cloud-based services.
  • Identify potential risks/threats during design reviews to assess security implications and requirements for introduction of new services, applications and technologies.
  • Assessment, development, implementation, optimisation, and documentation of a comprehensive and broad set of security technologies and processes to enable effective transfer of a solution into operations (secure software development (Application Security), data protection, cryptography, key management, API security, identity and access management (IAM), privileged access management (PAM), network security) within SaaS, PaaS, and IaaS cloud environments.
  • Deployment orchestration, automation, and security configuration management - infrastructure as code (Ansible, Jenkins, Puppet, Chef, etc).
  • Container technologies such as Docker/Kubernetes Engine/AKS/OpenShift and their secure deployment and management to enable secure delivery via a CI/CD pipeline.
  • Tools for container integrity and security, such a Twist Lock/Azure Security Centre.
  • Coud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies.
  • Microsoft Azure AD, Microsoft Azure Security solutions and broader areas of Microsoft Windows Security, M365 and Microsoft Enterprise Mobility + Security.
• Experience with common security management frameworks, such as NIST, PCI, GDPR, ISO Series OWASP, ITIL, the ISF Standards of Good Practice (SoGP) and ISACA's Control Objectives for Information and related Technology (COBIT) frameworks.
• Security and architecture certifications are desirable, such as CISSP, CISM, CCSK, TOGAF, SABSA

Project People is acting as an Employment Agency in relation to this vacancy.