Senior Security Architect - Contract - Hybrid

Role: Senior Security Architect
Location: London/Hyrbid (40% office based)
Start: ASAP
Duration: Minimum 6 months, extension likely.
Main purpose of the job
▪ To set the clients information security technical standards in relation to the whole lifecycle: procurement; configuration; operation and decommissioning of IT products and services.
▪ Responsible for developing a security strategy for the clients IT products.
▪ To own the clients information security standards and be responsible for developing a roadmap that results in compliance with a baseline security model.
▪ To take an active part in ensuring security by design within all ISD projects.
▪ To work with other members of the IG Compliance team to track and report on progress against the roadmap.
▪ To work closely with the ISD architecture practice to assist with baking security into the clients architectural standards.
▪ To provide advice and guidance to ISD Solution Architects and product team as required.
▪ To assist product teams to become more security aware and capable of managing their own security responsibilities.
Ideal Candidate Profile:
Essential:
- Experience in using architecture methodologies such as SABSA, Zachman and/or TOGAF
- Documented experience and a strong working knowledge of the methodologies to conduct threat-modelling exercises on new applications and services

- At least one of: CISSP, CISA, CISM, TOGAF, relevant SANS/GIAC certifications or similar. Additional certifications desirable

- At least one of:

• Full-stack knowledge of IT infrastructure
• Direct experience designing IAM technologies and services
• Strong working knowledge of IT service management (e.g., ITIL-related disciplines)

Desirable:

- Direct, hands-on experience or a strong working knowledge of vulnerability management tools

- Experience designing the deployment of applications and infrastructure into public cloud services

- Verifiable experience reviewing application code for security vulnerabilities

- Experience working in a Higher Education environment

Essential Skills and abilities:

- Strategy: Able to interpret business, technology, and threat drivers, and develop practical security roadmaps to deal with these drivers

- Communication: Able to translate complex security-related matters into terms that are readily understood by colleagues and present them in person and in written format

- Project Management: Able to draft project plans for security service and technology deployments and coordinate with stakeholders across the organization