Security Architect

 

Description:

Job Summary –

Information Security Architect will develop and implement information security architecture and technology solutions to

address the current and emerging information security and compliance requirements.

Technical Skills:

Possessing or working towards certification in SABSA/TOGAF/Zachman/CREST Registered Technical Security Architecture

(CRTSA)/CISSP – ISSAP (Information Systems Security Architecture Professional) and/or other architectural frameworks

• Strong experience in threat modelling, cyber security, vulnerability management, security testing; security risk experience

• BSc or MA/MSc in Computer Science, Information Security or a related field (e.g. IT Audit, Enterprise Risk Management,

etc)

• Certified Information Systems Security Professional (CISSP) or Global Information Assurance Certification (GIAC)

• Lead security architect experience

• Solid experience with regulatory compliance and information security management frameworks

• A self-starter with the ability to manage a team and implement change through an organisation

• Collaboration especially with non-security specialists

• Ability to communicate a vision and establish execution plan for that vision

• Excellent communication skills, both written and verbal. Ability to build strong relationships and influence decisions with

internal and external stakeholders.

• A good understanding of project management methodology and how to implement security within it

• Good analytical skills and the ability to challenge the room

• An ability to be pragmatic while balancing the needs of the against security

Key Responsibilities

• Review existing security architecture, identify design gaps and recommend security enhancements

• Define frameworks, standards and tools to be used across all environments

• Serve as Information Security expert and trusted advisor.

Replacement Programmes

• Stay abreast of emerging security technologies and lead on integration into security architecture as appropriate

• Ensure alignment between security architecture frameworks and standards and overall strategic objectives

• Monitor security risk management across environments

• Act as Information Security expert during migrations and liaise with internal/external IT teams, vendors and hosting

providers

• Achieve security architecture compliance on requirements, including but not limited to: GDPR, the UK Data Protection Act,

the Computer Misuse Act, Paymer Card Industry/Data Security Standard and ISO 27001

Certifications Needed:

 Certified Information Systems Security Professional (CISSP) or Global Information Assurance Certification (GIAC).