Title: Senior Information Security Architect IoT
Reference No: 2083
Company: Global Organisation
Location: London (Remote)
Reports to Head of Information Security Architecture
Salary: £90,000 - £100,000
Benefits: Bonus + Generous Package
PURPOSE OF THE JOB:
Design and maintain modern and re-usable architectural patterns for the secure use of Internet of Things (IoT). Establish and apply information security guardrails and architectural blueprints, and enable their application by other teams, for IoT technology used within the enterprise and for consumer-related use. Provide subject matter expertise on how to embed appropriate security in the lifecycle of new and existing products (e.g. iQOS devices). Support the adoption of the new patterns in strict alignment with Manager InfoSec Consumer & Product and close collaboration with other IT platform/platform enabling teams.
Dimensions: supervise 0-3 external cybersecurity SMEs, on-site or remotely; demonstrate leading expertise in 5+ global technical solutions used for IoT security; support security investments of up to $1 Mio/yearly."
Define and maintain an Internet of Things (IoT) security strategy for both consumer-related and enterprise-related use. Convert stakeholder security requirements (both technical and business process related) into conceptual blueprints, following industry standards/frameworks/best practices and taking into account risk vs. reward, budget constraints and potential integration or operational challenges.
Drive hands-on the execution of the Internet of Things (IoT) security strategy for the Company. Formalize (e.g. in the form of reference architectures, diagrams, guardrails, standard operating procedures, etc.) relevant security principles and requirements that govern how to adequately protect the confidentiality, integrity and availability of IoT-enabled consumer products and other IoT systems used enterprise-wide.
Provide subject matter expertise across the organization in support of initiatives which may have an impact on the Internet of Things (IoT) security posture of the Company or its consumer products. Review existing and proposed IoT security measures and proactively recommend and support the adoption of practical enhancements in collaboration with the relevant IT platform/platform enabling teams.
Coordinate the research, evaluation, recommendation and implementation of new or updated IoT security technology solutions that will reduce cyber risk to the Company or otherwise increase performance, reliability, cost effectiveness or flexibility. Establish and maintain meaningful relationships with technology vendors and other business partners.
Provide expertise to 150+ colleagues in Information Security and other IT functions on matters such as applicable policies, standards, procedures and guidelines, efficient use of tools and technologies related to the IoT security domain. Liaise with the wider IT Architecture community to ensure that IoT security principles are effectively and efficiently embedded in new IT initiatives or experiments.
SKILLS AND COMPETENCIES
College/University Master degree in computer/data science, electronic/electric/telecommunication, engineering or equivalent.
Professional certifications in Information Security or Cybersecurity
(e.g., Certified Information Systems Security Professional, Certified Information Security Manager).
• Minimum 7 years of experience as Internet of Things (IoT) security architect, ideally within a large organization
• Proven track record in the design and implementation of IoT security controls in a large consumer-facing environment (10'000 devices or more)
• Demonstrated experience with IoT specific communication/network technologies (e.g., Wi-Fi, Bluetooth LE, ZigBee, Z-Wave, etc.)
• Hands-on knowledge and application of good security practices on IoT platforms of major cloud computing providers (e.g., AWS, Azure)
• Familiarity with IoT technology solutions from ARM (Pelion), Intel, Armis or Microsoft
• Considerable technical writing proficiency, oral presentation skills, problem solving and decision-making skills
Others: skills / function specifics:
• Experience in using architecture methodologies such as TOGAF
• Practical experience in Agile/DevOps organizations and cultures