Information Security Architect

Information Security Architect

As a Security Architect, you will work and lead on defining patterns to support new or mature projects. Which may include advising, documenting and researching integration paths. This is a new, engaging role where you will develop and implement information security architecture and technology solutions to address the current and emerging information security and compliance requirements of the Business. Reporting to the Information Security Director, you will also have a shared responsibility with our global architecture practice, this role will suit an ambitious individual with experience of  infrastructure and application security. 

THE CHALLENGE:

Security architect undertakes complex work, often working on several projects. In this role, you will: 

Interact with senior stakeholders across departments 

Reach and influence a wide range of people across larger teams and communities 

Coach Security Champions to document architecture to a high standard

Research and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate design decisions 

Develop vision, principles and strategy for security architects for one project or technology 

Work out subtle security needs 

Understand the impact of decisions, balancing requirements and deciding between approaches 

Produce particular patterns and support quality assurance 

Lead the technical design of Security systems and services 

Build a best practice approach for documenting Security Architecture  

Serve as Information Security expert and trusted advisor on the System Replacement Programmes  

Formalise the security architecture, identify design gaps and recommend security enhancements.  

YOUR PROFILE:

Analysis. You can monitor the analysis of a technical solution and ensure analysis is re-used for similar problem sets. You can review solutions and identify areas for change. You can drive the collection of information that is used and analysed. You can feed back on policy and requirements.  

Communication skills . You have a deep understanding and can apply security concepts to a technical level. You can effectively translate and accurately communicate security and risk implications across technical and non-technical stakeholders. You can respond to challenge. You can manage stakeholders' expectations and be flexible, adapting to stakeholders' reactions to reach consensus.  

Design secure systems. You can design and review system architectures through the development of patterns and principles.  

Enabling and informing risk-based decisions. You can work with higher impact or more complex risks. You can advise on the impact of these and whether this is within risk tolerance. You can apply different risk methodologies in proportion to the risk in question.  

Research and innovation. You can contribute to and inform developments on security properties in technology. You can identify new technologies and design the use of these in the business context across the organisation. You can engage with the broader security community.  

Specific security technology and understanding. You have strong knowledge of system architectures. You can understand and articulate the impact of vulnerabilities on existing and future designs, systems and how easy or difficult it will be to exploit these vulnerabilities. You are recognised as an expert by peers in the broader security industry.  

Understanding security implications of transformation. You can interpret and apply understanding across a complex area. You have the ability to start influencing policy and process, business architecture, and legal and political implications.

Experience with one or more of the following:

EC-Council's Certified Network Defence Architect 

Demonstrate evidence of building high performing global virtual relationships and developing robust practices 

Demonstrate experience and deep understanding of the Security market both in terms of key suppliers and competitors 

Familiarity with different global/regional/country regulatory environments and fiduciary requirements. Preferably knowledge of Betting & Gambling compliance and regulation.

Must demonstrate a deep understanding of technology and operations (in portfolio development and management context) 

Possess a BSc or MA/MSc in Computer Science, Information Security or a related field. 

Certified Information Systems Security Professional (CISSP) with extensive experience in threat modelling, cyber security, vulnerability management and security testing 

Possess a Certification in SABSA/TOGAF/Zachman and/or other architectural frameworks whilst previously working as a Security Architect 

OUR OFFER:

International work environment

Small and very skilled experienced team

Flat organisation with high degree of individual responsibility

Very good social and physical working environment

Growing business with sound financials