Security Architect
Venesky-Brown’s client, a public sector organisation in Glasgow, is currently looking to recruit a Security Architect for an initial 8 month contract on a rate of up to £550/day (Inside IR35). This role will be a hybrid of working at home and in the office.
Responsibilities:
– Engage with Business Stakeholders to develop an understanding of business needs and objectives requiring a technology solution and ensure they align to the defined security building blocks and principles.
– Develop a deep functional understanding of core solutions in the IT Estate and enable security controls are defined in line with the Cyber Strategy and security principles.
– Assist in the production of detailed security requirements from a functional and non-functional perspective.
– Critically evaluate information gathered from multiple sources, reconcile conflicts and decompose high level information into designs.
– Challenge Business Units on their assumptions and distinguish requests from the underlying needs of the business.
– As Assigned, develop and maintain a detailed knowledge of key business processes and systems
– Where appropriate, create and maintain functional test plans
– Support the partners on security and strategic key requirements and decisions
Work is required to deliver the following:
– Cyber Strategy Development in line with Partnership and Security Programme
– Deliver enterprise-class security principles, policies, standards and reference architectures in line with existing ISMS
– Provide technical security subject matter expertise to designs submitted to TDA and CAB
Included in the deliverables will be:
– Produce Cyber Strategy in line with ISMS and Partner Strategies
– Develop re-usable security building block and principles
– Ensure any designs submitted to TDA adhere to security design principles
– Produce High Level Design (HLD) and technical oversight
– Evaluation and technical SME input into 3rd Party solutions to deliver capabilities in line with strategy and Security Programme
– Statement of Work Preparation
– Attend and present at relevant Technical Assurance Group meetings, Security Programme HLD and LLD’s as required.
– Ensure security architectures are recognised as the road map for all business services and technical solutions
– Provide technical advice and governance on licensing requirements as detailed in the Bill of Materials (BOM)
– Provide technical advice into the Service and Support / Transition workstream
– Assist with assessments as requested
– Mitigation of Technical Risks as requested
– Begin the process of knowledge transfer into EIS in line with the program support strategy
– Support the Business to understand the actions and work packages to deliver accurate timelines for the technical elements
Essential Skills:
– Demonstrable work experience equivalent to SCQF level 9 or educated to degree level in Cyber Security
– Hands on experience of working in a Security Architect role
– Qualification in industry recognised enterprise architecture frameworks such as SABSA, TOGAF or equivalent
– Experience in similar customer-facing role working closely with business customers to develop technology-based solutions that align to business strategy
– Experience of working closely with IT Suppliers who provide 3rd party solutions
– Experience of defining solutions and system configurations
– Experience of development and implementation of Cyber Security Strategies
– Experienced defining and communicating technology and architecture blueprints and implementing roadmaps to achieve successful outcomes
– Good working knowledge of main security domains and implementation of appropriate levels of controls aligned to these
– Good understanding of complex scenarios with the ability to produce timely effective solutions
– Strong influencing skills, ability to influence at all levels
– A good understanding of IT related laws and regulations (Data Protection, Freedom of Information, Computer Misuse)
– Can demonstrate excellent stakeholder management skills with Internal and partner stakeholders as well as 3rd Party Managed Service Providers
– Leadership skills in driving forward security strategies and architecture in line with internal and external cyber threats
– Knowledge of, or experience in working with digitals teams in a cloud first environment
– Excellent communication both verbal and written.
– Excellent presentation skills with an ability to build strong relationships at all levels
– Strong interpersonal and negotiating skills
– Solutions-focused with excellent problem-solving, analytical and critical thinking skills
– Excellent planning and organisational skills
– Good decision-making skills
– Excellent active listening skills
– Strong understanding of Enterprise IT, including strategy, enterprise architecture, governance, operations, infrastructure and DevOps
– Determined, assertive and politically aware
– Must be a team player and able to work collaboratively with and through others
– Strong customer focus
– Highly motivated/enthusiastic and driven
– High level of personal resilience able to remain effective in changing business circumstances
– Ability to resolve difference between individuals and/or interested parties
– Ability to foster a culture of trust and co-operation and team working
– Forward looking with a holistic approach
– Self-managing
Desirable Skills:
– Industry leading Security Certification e.g. CISSP, SSCP, CompTIA Security+, CompTIA Cysa+
– Certification in Microsoft Azure Security, Solutions Architecture or equivalent
– Experience of working in a public-sector environment and with exposure to government cyber security practices
– Experience of using architectural tools such as Archimate Architecture
– A good understanding of risk management including risk concepts, risk assessments and risk reporting
– Understanding of Cloud Security industry level frameworks e.g., ISO27017&18, NSCS Cloud Security Principles
If you would like to hear more about this opportunity please get in touch.
Responsibilities:
– Engage with Business Stakeholders to develop an understanding of business needs and objectives requiring a technology solution and ensure they align to the defined security building blocks and principles.
– Develop a deep functional understanding of core solutions in the IT Estate and enable security controls are defined in line with the Cyber Strategy and security principles.
– Assist in the production of detailed security requirements from a functional and non-functional perspective.
– Critically evaluate information gathered from multiple sources, reconcile conflicts and decompose high level information into designs.
– Challenge Business Units on their assumptions and distinguish requests from the underlying needs of the business.
– As Assigned, develop and maintain a detailed knowledge of key business processes and systems
– Where appropriate, create and maintain functional test plans
– Support the partners on security and strategic key requirements and decisions
Work is required to deliver the following:
– Cyber Strategy Development in line with Partnership and Security Programme
– Deliver enterprise-class security principles, policies, standards and reference architectures in line with existing ISMS
– Provide technical security subject matter expertise to designs submitted to TDA and CAB
Included in the deliverables will be:
– Produce Cyber Strategy in line with ISMS and Partner Strategies
– Develop re-usable security building block and principles
– Ensure any designs submitted to TDA adhere to security design principles
– Produce High Level Design (HLD) and technical oversight
– Evaluation and technical SME input into 3rd Party solutions to deliver capabilities in line with strategy and Security Programme
– Statement of Work Preparation
– Attend and present at relevant Technical Assurance Group meetings, Security Programme HLD and LLD’s as required.
– Ensure security architectures are recognised as the road map for all business services and technical solutions
– Provide technical advice and governance on licensing requirements as detailed in the Bill of Materials (BOM)
– Provide technical advice into the Service and Support / Transition workstream
– Assist with assessments as requested
– Mitigation of Technical Risks as requested
– Begin the process of knowledge transfer into EIS in line with the program support strategy
– Support the Business to understand the actions and work packages to deliver accurate timelines for the technical elements
Essential Skills:
– Demonstrable work experience equivalent to SCQF level 9 or educated to degree level in Cyber Security
– Hands on experience of working in a Security Architect role
– Qualification in industry recognised enterprise architecture frameworks such as SABSA, TOGAF or equivalent
– Experience in similar customer-facing role working closely with business customers to develop technology-based solutions that align to business strategy
– Experience of working closely with IT Suppliers who provide 3rd party solutions
– Experience of defining solutions and system configurations
– Experience of development and implementation of Cyber Security Strategies
– Experienced defining and communicating technology and architecture blueprints and implementing roadmaps to achieve successful outcomes
– Good working knowledge of main security domains and implementation of appropriate levels of controls aligned to these
– Good understanding of complex scenarios with the ability to produce timely effective solutions
– Strong influencing skills, ability to influence at all levels
– A good understanding of IT related laws and regulations (Data Protection, Freedom of Information, Computer Misuse)
– Can demonstrate excellent stakeholder management skills with Internal and partner stakeholders as well as 3rd Party Managed Service Providers
– Leadership skills in driving forward security strategies and architecture in line with internal and external cyber threats
– Knowledge of, or experience in working with digitals teams in a cloud first environment
– Excellent communication both verbal and written.
– Excellent presentation skills with an ability to build strong relationships at all levels
– Strong interpersonal and negotiating skills
– Solutions-focused with excellent problem-solving, analytical and critical thinking skills
– Excellent planning and organisational skills
– Good decision-making skills
– Excellent active listening skills
– Strong understanding of Enterprise IT, including strategy, enterprise architecture, governance, operations, infrastructure and DevOps
– Determined, assertive and politically aware
– Must be a team player and able to work collaboratively with and through others
– Strong customer focus
– Highly motivated/enthusiastic and driven
– High level of personal resilience able to remain effective in changing business circumstances
– Ability to resolve difference between individuals and/or interested parties
– Ability to foster a culture of trust and co-operation and team working
– Forward looking with a holistic approach
– Self-managing
Desirable Skills:
– Industry leading Security Certification e.g. CISSP, SSCP, CompTIA Security+, CompTIA Cysa+
– Certification in Microsoft Azure Security, Solutions Architecture or equivalent
– Experience of working in a public-sector environment and with exposure to government cyber security practices
– Experience of using architectural tools such as Archimate Architecture
– A good understanding of risk management including risk concepts, risk assessments and risk reporting
– Understanding of Cloud Security industry level frameworks e.g., ISO27017&18, NSCS Cloud Security Principles
If you would like to hear more about this opportunity please get in touch.