Information Security Architect
|Job Title:||Information Security Architect|
|Location:||Yorkshire and the Humber, England|
|Contact Name:||Richard Williamson|
|Job Published:||February 16, 2018 09:02|
My client, a global Financial Services End User are searching for an Information Security Architect to join their business in Yorkshire, this role is a full time permanent role, with a salary of up between £65,000 - £80,000.
This role will join a global business where IT is at the heart of their DNA, you will join a Security team of around 120 people, who are all passionate about Security. The key attributes this individual will have are - solid back ground in Architecture (Network or Security), Design & approval & PCI would be a huge plus.
Summary of This Role:
Security Architecture and Design Specialist required for a dynamic and challenging role in our Knaresborough based office. A key member of the Global Information Security Architecture team you will also work closely with the other members of the Information Security (IS) team to deliver security policies, processes and standards into the design and build of solutions. Focused on the International Business Segment (outside of North America) you will work with business units and other functions to identify security requirements, using methods that may include risk and business impact assessments. Your day to day role will be alongside the Global Technical Services (GTS) department and associated business units to design and ensure the implementation of appropriate technical security controls to meet the security requirements.
What Part Will You Play?
*Works with IT and IS teams to identify, select and implement technical security controls.
*Consults with IT solution designers to assure and ultimately approve designs and system changes in line with policy, agreed standards and/or risk profile.
*Develops security processes and procedures to ensure that security controls are managed and maintained.
*Researches, evaluates and recommends information-security-related hardware and software, including developing business cases for security investments.
*Maintains an in depth understanding of financial and credit card industry standards (e.g. PCI standards, card association requirements, DPA) and ensures that all projects are delivered to these standards.
*Assesses IT operational activities for compliance and security gaps both periodically (e.g. PCI assessments) and as an ongoing activity (e.g. day to day interactions).
*Prioritises remedial work, driving security improvements across the business. Trains non-security staff on risks and sensible approaches for mitigation.
*Supports incident response from a security technology perspective.
*Assess the impact of business change on the IT security model and associated artefacts.
*Develops architecture strategy and creating models/patterns.
*What Are We Looking For in This Role?
*Degree or equivalent industry experience.
*PCI DSS experience mandatory.
*Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM) and/or TOGAF qualification highly desired.
*CCSP or AWS Cloud Certifications highly desired.
*ISO 27001 or NIST CSF experience highly desired.
*What Are Our Desired Skills and Capabilities?
*Strong understanding of business applications, including internet facing and financial systems.
*Excellent technical knowledge and preferably design experience of mainstream operating systems [for example, Microsoft Windows, Macintosh, Linux, AIX] databases, middleware, virtualisation and storage technologies.
*Excellent technical knowledge and preferably design experience of a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, cryptography, SIEM, anti-malware solutions, automated policy compliance tools, and desktop security tools.
*Excellent technical knowledge and preferably design experience of network infrastructure and design, including routers, switches, firewalls, and the associated network protocols and concepts.
*Excellent technical knowledge and preferably design experience of application and web technology and security issues (for example OWASP).
*Ability to apply skills to new technology stacks including Public Cloud and Containerisation.
*Technical knowledge of mainframe systems (desirable).
*Proficiency in performing risk, business impact, control and vulnerability assessments.
*Ability to absorb and understand complex 24x7 enterprise IT environments and rapidly identify potential vulnerabilities, security risks and impacts.
*Strong analytical and conceptual skills; ability to create original concepts/theories for a variety of stakeholders.
*Excellent communication skills with the ability to communicate highly technical issues and strategy to both technical and non-technical audiences at all levels within the company.
*Experience of working in an international organisation and handling issues that cross cultural boundaries.
*Able to deliver results through virtual teams and matrix managed resources.
Please apply to this role to be connected with a consultant to hear more - Lawrence Harvey is an award winning specialist Technology recruitment Agency, we offer services to both candidates and customers please get in touch to hear more about the value we can add to your search or your organisation
Lawrence Harvey is acting as an employment agency in regards to this position.
Visit our website www.lawrenceharvey.com and follow us on Twitter for all live vacancies @lawharveyjobs
Get similar jobs like these by email
By submitting your details you agree to our T&C's