Security Architect

Security Architect X2

Location: Salisbury (On Site, very little remote work)

Employment Type Contractor

Duration - 12 Month initial

Security Clearance Level DV

Daily rate - £500 - £650 DOE Inside IR35

The Security Architect will work as part of my Clients Development Teams, reporting to the Development Team Lead, and will be responsible for the design, documentation and assurance of security controls in the networks, workplace, platform and applications services, helping to ensure that the information security is proportionately maintained through the life of the system.

Key Responsibilities:

  • Understands the business and information risk context, and propose architectures and countermeasures to mitigate risks from solutions

  • Works closely with information risk advisors, accreditors, solution architects and system engineers to enable secure definition, delivery and configuration of ICT systems

  • Analyses existing and proposed technical architecture for security risk, applying secure architecture principles and practices to assure technical architectures

  • Assures implementation of security controls to mitigate risks

  • Provides expert technical advice to support the design and development secure architectures

  • Inputs detail on security control implementations and testing into to security risk management tooling

  • Supports security consultants by providing security control details, any gaps, and provide evidence of implementations.

  • Supports the Security Lead in wider operational security delivery including advocating a strong security culture and training to new joiners

  • Works with wider business stakeholders including customers, suppliers, and internal teams to ensure successful project delivery.

  • Advises on appropriate security controls to mitigate security architecture risks

Essential Skills:

  • Information Security experience within a large organization

  • Ability to articulate and pitch security advice, often at a technical level, directly to key customer stakeholders

  • Hands-on experience of architecting secure solutions

  • Experience of designing and/or implementing security controls using Microsoft standard tooling in a large organization

  • A clear understanding of UK Government Security Frameworks including the Security Policy Framework and NCSC Good

  • Practice guidance

  • Experience in providing advice on data protection, information security and business continuity

Desirable Skills:

  • Experience working in MOD security delivery projects

  • CISA, CISSP, CISM, or CIA would be highly desirable or equivalent experience

  • Experience using security risk management tooling

  • Good working knowledge of security related JSPs

  • Technical experience in IDAM technologies and architectural frameworks

Network security architecture principles such as network zoning and segmentation