Connecting to LinkedIn...

Technical Security Architect

Job Title: Technical Security Architect
Contract Type: Contract
Location: Reading, Berkshire
Industry:
Salary: Negotiable
REF: RC/C/TechnicalSecuri_1667476345
Contact Name: Rohit Chavda
Contact Email: Rohit.Chavda@projectpeople.com
Job Published: 3 months ago

Job Description

Technical Security Architect

Contract/Permanent

Reading - 2 Days/Week Onsite

Job purpose.

The role is subject to broad practices and procedures covered by functional precedents and policies and managerial direction. The role has the independence needed to achieve annual results in line with operating plans and policies.

Responsibilities:

  • Accountable for providing technical leadership and governance across technical domains and partners, ensuring adherence to architecture, security policies and standards, technical and business objectives.
  • Accountable for the technical design and deliver of security solutions within public/private and hybrid cloud networks, defining security architecture and requirements for systems and application to ensure that products, projects and programmes are secure by design.
  • Develop and manage the relationship with internal stakeholder and partners to support and deliver our requirements and the contracted outcomes to budget, time and quality.
  • Provide the technical leadership and direction to our partners.
  • Support the technical domain lead to build and prioritising the 18 month technical and budget roadmap.
  • Accountable for capacity and performance of the technical domain.

Knowledge and Experience:

  • Demonstrable experience of providing technical, decision making and problem-solving leadership and can demonstrate setting technical direction and quality/ standards for security architecture, design and delivery.
  • Demonstrate the ability to communicate with multiple stakeholders within the organization to act as the liaison between the business, other technical communities and the 3rd party delivery teams to ensure the delivery of the business requirements. This should include the ability to convert business requirements into a technical solution and vice versa.
  • Experience in working in an environment where you have managed delivery to a predetermined contractual/ business outcome at pace and know how to influence/ negotiate technical outcomes with 3rd parties including conflict resolution due to changing priorities.
  • You will have provided direction to large technical delivery programmes that include complex integrations spanning multiple technology domains and stakeholders including working with a systems integrator to deliver contracted outcomes.
  • Experience with common security management frameworks, such as NIST, PCI, GDPR, ISO Series OWASP, ITIL, the ISF Standards of Good Practice (SoGP) and ISACA's Control Objectives for Information and related Technology (COBIT) frameworks.
  • Security and architecture certifications are desirable, such as CISSP, CISM, CCSK, TOGAF, SABSA

Experience should include use of and maturing security controls, particularly in the following areas:

  • Development of service-oriented architectures and designs for cloud-based services.
  • Identify potential risks/threats during design reviews to assess security implications and requirements for introduction of new services, applications and technologies.
  • Assessment, development, implementation, optimisation, and documentation of a comprehensive and broad set of security technologies and processes to enable effective transfer of a solution into operations (secure software development (Application Security), data protection, cryptography, key management, API security, identity and access management (IAM), privileged access management (PAM), network security) within SaaS, PaaS, and IaaS cloud environments.
  • Deployment orchestration, automation, and security configuration management - infrastructure as code (Ansible, Jenkins, Puppet, Chef, etc).
  • Container technologies such as Docker/Kubernetes Engine/AKS/OpenShift and their secure
  • Deployment and management to enable secure delivery via a CI/CD pipeline.
  • Tools for container integrity and security, such a Twist Lock/Azure Security Centre.
  • Cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies.
  • Microsoft Azure AD, Microsoft Azure Security solutions and broader areas of Microsoft Windows Security, M365 and Microsoft Enterprise Mobility + Security.

Project People is acting as an Employment Business in relation to this vacancy.