Information Security Architect - Slough

IT/Information/Cyber Security
Ref: 109 Date Posted: Wednesday 19 Jan 2022
LinkedIn ShareShare
Location:   Remote – access to Buckinghamshire
Reports to: Senior Information Security Architect
Salary: £90,000 - £95.000
Benefits: Generous
No. Required: 2

            

                   

The Role

 

Working as part of the security architecture team, you will be expected to help improve the cyber security maturity, while helping the business maximize opportunities to maintain and grow its core business and rapidly pivot to new ventures.

You will work closely with the business and colleagues in both the IT and

information security team.

To be successful you will be adaptable and possess good business acumen.

You will be self-motivated but also be an active team player and work collaboratively across teams to achieve design and business focused outcomes.

You will ideally have a good understanding of agile working practices,

including Kanban.

 

You will have good knowledge of:

 

•             Security control technologies across a variety of environments, including cloud, networks, datacentre and hosting security.

•             Current threats, threat intelligence and vulnerabilities.

•             Implications of regulatory frameworks on cyber security.

•             Core IT technologies, including networking, DNS, SMTP, Firewalls,Wintel, HCI, and virtualization.

•             Concepts around business continuity, availability and recovery.

•             Architectural frameworks.

•             Industry standards such as ISO 27001, NIST SP800 series.

 

Successful candidates will be required to hold and maintain SC clearance.

 

Responsibilities

 

•             Working with stakeholders and other teams to produce risk assessments, discuss and agree appropriate mitigations and controls and document the outcomes into a formal risk document.

•             Working with the IT team to deliver technical controls to mitigate threats to the company’s information and systems.

•             Communicate effectively with business stakeholders, to understand their requirements and to promote good security practices within the business.

•             Be a trusted advisor, security advocate to colleagues across the business.

•             Work with other teams in the information security group to identify increases in risk as a result of external and internal factors.

•             Translate business strategy, requirements into security architectures to effectively communicate risk and assist in the development of compensating control solutions, processes and people development.

•             Review of existing security architecture, identify design gaps, and recommend improvements to information security controls

•             Facilitate alignment between security architecture frameworks and standards and overall business strategy

•             Maintaining professional knowledge by tracking and understanding emerging security practices and standards.

•             Authoring and reviewing technical documentation.

•             Writing and developing security policies, standards and guidelines.

 

Vocational Qualifications:

 

•             BS or MS in Computer Science, Information Security, or a related field or equivalent industry experience

•             Certified Information Systems Security Professional (CISSP)

 

Experience required:

Mandatory

•             At least 5 years’ experience in information security, especially in a security architect role

•             Experience working with regulatory compliance and information security management frameworks (e.g., IS027000, COBIT, NIST 800, etc.)

Desirable

•             Working knowledge of OT Security

•             Working with SABSA or TOGAF

 

Specific know how and technical skills:

 

•             Network and perimeter Security

•             Network Protocols

•             Systems and host security

•             Business Continuity & Disaster Recovery planning

•             Writing Information Security policies & procedures

•             Knowledge of security technologies, such as cryptography and Cloud security technologies.

 

Behavioural competencies:

 

•             Adaptable, ability to pivot quickly to new challenges to support the business and changing risk profile.

•             Business Acumen, an understanding of business needs, strategies and applying that knowledge to produce business focused security architectures.

•             Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate option.

•             Maintain and develop knowledge in existing security and IT/OT systems and an ability to keep pace with changing security, IT and OT technologies

•             A team-focused mentality with the proven ability to work effectively with diverse stakeholders

•             An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner

•             Acceptance of problem ownership and a sense of urgency to resolve security incidents and risks Experience required: