Login
Register
facebook
07989475537
Menu
About Us
Industry Sectors
The Team
Jobs
Events
Privacy Statement
Login
Register
Job Search
Any Type
Permanent
Contract
Any Discipline
Business Continuity
Business Risk/Compliance
IT Audit
IT/Information/Cyber Security
Information/Business Risk
Developers/DevSecOps
Sales
Any Location
Berkshire
Bristol
Buckinghamshire
Cambridgeshire
Cheshire
Cornwall
Cumbria
Derbyshire
Devon
Dorset
Durham
East Sussex
East Yorkshire
Essex
Gloucestershire
Hampshire
Hertfordshire
Kent
Lancashire
Leicestershire
London
Lincolnshire
Manchester
Middlesex
Newcastle upon Tyne
Norfolk
Northamptonshire
Nottinghamshire
Oxfordshire
Shropshire
Somerset
Staffordshire
Suffolk
Surrey
West Sussex
Warwickshire
Bedfordshire
West Midlands
West Yorkshire
Wiltshire
Worcestershire
Scotland
Wales
Denmark
Qatar
New Item
Anywhere in the UK
Home
M25
Indian Ocean
This field contains illegal characters.
Sorry, this advert is now closed. Click
here
to view our live vacancies.
Information Security Architect
-
City of London
IT/Information/Cyber Security
Ref:
179
Date Posted:
Wednesday 10 Jul 2024
Title: Information Security Architect
Reference No: 2144
Company: Financial Services
Location: Can be based in UK, Ireland, Belgium, Luxembourg or Isle of Man
Reports to Group CISO
Salary: £100,000
The Role
The Information Security Architect is a key role in ensuring appropriate security posture of the Group. You will join a growing information security team and take accountability for managing security architecture of the company and technical designs of IT solutions. The Group of Companies operates across 10+ offices and data centre locations globally and is actively expanding into new territories.
Responsibilities
Provide requirements, support and control security stage gates to IT and business programmes and projects to ensure security is appropriately addressed. Act as a Technical Design Authority for security.
Provide a high level of security consultancy and engineering support for Windows/Azure/Linux security solutions including analysis and development of security solutions.
Provide architecture assurance on security initiatives and compliance of existing security standards
Contribute to the vision, strategy, and drive design and implementation for security platforms both on premises and in the cloud
Provide security consultancy and engineering support for security solutions.
Present current security risks and threats at technical and managerial levels.
Actively monitor new and emerging security and privacy related technologies, trends, issues, and solutions and assess their applicability to key business initiatives and strategies.
Participate in Information Security Incident Response activities for the environment.
Monitor compliance with the organization's information security policies and procedures among employees, contractors and third parties.
Liaison with key stakeholders to create and enforce policy including business departments, IT, Legal, Internal Audit, and Compliance.
Lead the effort to ensure security compliance in accordance with regulatory security standards required by appropriate governing bodies.
Provide support to Security and other technical operations staff to ensure smooth turnover from Development to Production - and provide mentoring to junior level security professionals.
Develop and maintain documentation of all Security products including specific tools, technologies and processes.
Assist in M&A security due diligence activities – as needed.
Role Requirements
Minimum of 3 years experience in similar role, 5 years experience in Information Security
Experience implementing security risk control management frameworks – i.e. CIS/SANS20, NIST CSF, ISO27001/27002
Excellent understanding and experience of engineering Microsoft security solutions – including desktop and server operating systems, Active Directory, Group Policy, DNS, Messaging.
Experience managing IaaS, SaaS solutions and services using CI/CD pipelines. Jenkins, Terraform experience is a strong plus
Solid understanding of SAML, OIDC and Kerberos authentication and related technology controls and best practices.
Strong Experience with Office 365 security controls including usage of Azure Active Directory, Conditional Access, o365 logging APIs, Microsoft CAS, and Microsoft Authenticator.
Experience in Networks and Security monitoring, SIEM, Firewalls, Identity & Access management, Risk and Vulnerability Management, Incident management & response
Expertise in security tools such as email security solutions, web filtering, data leakage protection and intrusion detection systems;
Understanding and experience with implementing Data Loss Prevention (DLP) solutions, policies, and technologies.
Understanding of Azure Information Protection (AIP) and its components, including labelling, classification, and encryption.
Ability to develop and implement strategies to ensure compliance with industry and data protection regulations (such as BMA, MAS, EU financial sector regulations, DORA, GDPR).
Strong knowledge and experience in a variety of security technologies including: EDR, SIEM, Vulnerability Management.
Demonstratable and fundamental experience working within a cloud environment and cloud networks would be advantageous – e.g. Azure, AWS;
Ability to work independently and think proactively.
Good interpersonal, written and verbal communication and engagement skills with experience engaging own team, all levels of employees and external partners;
Must have excellent organisational skills with attention to detail; be a self-starter and able to prioritize in a fast moving, high pressure, constantly changing environment; high sense of urgency
Be energetic, passionate with a positive attitude
Relevant security certification (CISSP, GCIA, CISM, CRISC, CEH etc.) and/or product certifications (Microsoft Security, Azure, Windows, AD etc.) a plus.