Connecting...

W1siziisijiwmtgvmtivmtmvmdkvmjuvntavmziyl2ljdc5qcgcixsxbinailcj0ahvtyiisijiwmdb4nzawiyjdxq
Job

IT Security Architect

  • Job ref:

    1174002/001_1645620495

  • Location:

    Cardiff, Wales

  • Sector:

    ICT

  • Job type:

    Contract

  • Salary:

    £700 - £800 per day

  • Contact:

    Phil Johnson

  • Email:

    pjohnson@cbsbutler.com

  • Published:

    3 months ago

  • Duration:

    6 months +

  • Start date:

    March 2022

  • Consultant:

    #

IT Security Architect

+ 6 month initial contract

+ MOD IT Security Projects

+ up to £800 per day Umbrella

+ Inside IR35

+ Newport based with some remote work and travel to Hampshire

+ MOD SC Clearance required

Key Skills:

+ Boundary protection services/devices: Next Gen Firewalls, VPN, IDS/IPS, WiFi security, Data Diode, Web/Mail/directory proxies, DLP

+ Hosting security: Server platform lockdowns, Virtualisation security

+ Application security: Secure Gateways, Application proxies, DB security

The Security Architect enables the design and implementation of secure enterprise level system architectures. To achieve this objective he/she will be positioned as the lead security Information Assurance (IA) on projects where he/she will liaise closely with the SDA, System Element SMEs, TM and PMO to advise and direct the evolution of the system design towards a secure architecture that satisfies the security requirements, complies to relevant security policies, standards and achieves the necessary accreditation.

He/she will have a firm understanding of the overall system Accreditation process with knowledge of the key accreditation artefacts that must be produced, Accreditation milestones, Risk Assessment methodologies and Risk Treatment techniques, and supporting evaluation/certification standards (e.g. ISO 27001, CAPS, CTAS, CHECK). He/she will contribute to the delivery of Accreditation artefacts, in particular the details of the security architecture (e.g. within an RMADS) and the technical countermeasures applied to the Risk Treatment Plan.

Knowledge/Skills:

  • Architectural frameworks (e.g. TOGAF/MODAF, SABSA)

  • Secure architectural patterns (e.g. NCSC/NATO APs)

  • MoD/NCSC/NATO Accreditation methodologies and security standards (e.g. JSP 440, JSP 604, ISO 27001)

  • Capture and understand information flows through a system

  • Vulnerability Analysis: Understanding of attack vectors (technical and physical) against a system

  • Technical/procedural countermeasure solutions/products and mitigation techniques proportionate to the risk posed (e.g. MFA, Diode, Gateway, IDS/IPS, PKI, RBAC, CAPS products)

Knowledge of latest security technologies and defence in depth approach including but not limited to:

+ Boundary protection services/devices: Next Gen Firewalls, VPN, IDS/IPS, WiFi security, Data Diode, Web/Mail/directory proxies, DLP

+ Hosting security: Server platform lockdowns, Virtualisation security

+ Application security: Secure Gateways, Application proxies, DB security

+ End User Device (EUD) security: Client lockdown, Drive Encryption, DLP Anti-malware: Server AV, Client AV, network-borne AV, mail gateway AV

Protective Monitoring/SOC Services: SIEM, Vulnerability Analysis/Scanners, IDS/IPS, Alerting/Reporting use cases

Desirable:

Experience/knowledge of SATCOM solutions

Qualifications:

Masters Degree in Information Security or equivalent

NCSC CCP Senior Cyber/IA Security Architect

NCSC CCP Senior SIRA