Security Architect

We are currently working with a growing company that is actively recruiting for a Security Architect to join them on a permanent basis.

This is a vital role for the business, taking business requirements and creating low-level specifications and high-level designs, working closely with stakeholders from across the business as well as engineering teams in the process.

The successful candidate for the Security Architect will have the following responsibilities:

• Owning enterprise security architecture, integrating security controls within systems across the business
• Communicating effectively with stakeholders (both business and technology) to develop security requirements for projects
• Taking into consideration operational efficiency and useability when designing solutions
• Taking security requirements (both technical and non-technical) and creating high level designs, then in collaboration with engineering functions, producing low level designs
• Overall responsibility and ownership of security principles within architectural designs, ensuring these are effectively maintained and communicated
• Ensuring a consistent approach to high- and low-level designs by effectively collaborating with other architects as well as engineers
• During implementation/post implementation acting as a Technical Design Authority
• Acting as a SME on IT Security technologies, running workshops on security solutions for technical teams
• Developing and maintaining excellent relationships with senior management both within technology and across the business

The ideal candidate for the Security Architect will have the following skills and experience:

• Extensive experience designing security solutions, primarily for on-prem
• Experience with Threat Modelling frameworks
• Thorough knowledge of Information Security controls
• Excellent communication skills, with the ability to translate complex engineering terms into language that business stakeholders understand
• Experience working within Security frameworks e.g. Centre for Internet Standards (CIS)
• An understanding of DevSecOps best practices
• A strong background in Security Engineering
• Experience owning IT Security-focused projects

Our client operates a hybrid model with two days per week on-site.

In line with the Conduct Regulations 2003, when advertising permanent vacancies JNC Recruitment are acting as an Employment Agency, and when advertising temporary/contract vacancies JNC Recruitment are acting as an Employment Business