As a Security Architect, you will work and lead on defining patterns to support new or mature projects. Which may include advising, documenting and researching integration paths. This is a new, engaging role where you will develop and implement information security architecture and technology solutions to address the current and emerging information security and compliance requirements of the Business. Reporting to the Information Security Director, you will also have a shared responsibility with our global architecture practice, this role will suit an ambitious individual with experience of infrastructure and application security.
Security architect undertakes complex work, often working on several projects. In this role, you will:
Interact with senior stakeholders across departments
Reach and influence a wide range of people across larger teams and communities
Coach Security Champions to document architecture to a high standard
Research and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate design decisions
Develop vision, principles and strategy for security architects for one project or technology
Work out subtle security needs
Understand the impact of decisions, balancing requirements and deciding between approaches
Produce particular patterns and support quality assurance
Lead the technical design of Security systems and services
Build a best practice approach for documenting Security Architecture
Serve as Information Security expert and trusted advisor on the System Replacement Programmes
Formalise the security architecture, identify design gaps and recommend security enhancements.
Analysis. You can monitor the analysis of a technical solution and ensure analysis is re-used for similar problem sets. You can review solutions and identify areas for change. You can drive the collection of information that is used and analysed. You can feed back on policy and requirements.
Communication skills . You have a deep understanding and can apply security concepts to a technical level. You can effectively translate and accurately communicate security and risk implications across technical and non-technical stakeholders. You can respond to challenge. You can manage stakeholders' expectations and be flexible, adapting to stakeholders' reactions to reach consensus.
Design secure systems. You can design and review system architectures through the development of patterns and principles.
Enabling and informing risk-based decisions. You can work with higher impact or more complex risks. You can advise on the impact of these and whether this is within risk tolerance. You can apply different risk methodologies in proportion to the risk in question.
Research and innovation. You can contribute to and inform developments on security properties in technology. You can identify new technologies and design the use of these in the business context across the organisation. You can engage with the broader security community.
Specific security technology and understanding. You have strong knowledge of system architectures. You can understand and articulate the impact of vulnerabilities on existing and future designs, systems and how easy or difficult it will be to exploit these vulnerabilities. You are recognised as an expert by peers in the broader security industry.
Understanding security implications of transformation. You can interpret and apply understanding across a complex area. You have the ability to start influencing policy and process, business architecture, and legal and political implications.
Experience with one or more of the following:
EC-Council's Certified Network Defence Architect
Demonstrate evidence of building high performing global virtual relationships and developing robust practices
Demonstrate experience and deep understanding of the Security market both in terms of key suppliers and competitors
Familiarity with different global/regional/country regulatory environments and fiduciary requirements. Preferably knowledge of Betting & Gambling compliance and regulation.
Must demonstrate a deep understanding of technology and operations (in portfolio development and management context)
Possess a BSc or MA/MSc in Computer Science, Information Security or a related field.
Certified Information Systems Security Professional (CISSP) with extensive experience in threat modelling, cyber security, vulnerability management and security testing
Possess a Certification in SABSA/TOGAF/Zachman and/or other architectural frameworks whilst previously working as a Security Architect
International work environment
Small and very skilled experienced team
Flat organisation with high degree of individual responsibility
Very good social and physical working environment
Growing business with sound financials