We are looking for a Security Architect to assist with one of our clients in insurance services on a contract basis. This will be 6 months initially but with the intent to review, the programme will go throughout 2022. Please note this role falls inside IR35.
The Security Architect will be responsible for developing and maintaining the Claims Security Architecture and associated artefacts with the key objective of providing guidance, at scale, to the technical and business communities on how to design and build solutions which are secure by design and compliant with the client's policy, legal and regulatory requirements.
You will be responsible for the security architecture elements of the Systems Development Life Cycle (SDLC) and will work with the Architecture, Delivery and Change communities to ensure security requirements are adequately built into new systems and solutions.
- Developing and maintaining the programme’s Security Architecture and associated artefacts.
- Providing guidance, at scale, to the technical and business communities on how to design and build solutions which are secure by design and compliant with the client's policy, legal and regulatory requirements.
- Maintaining and championing the security architecture elements of the SDLC.
- Support the CISO and the Security Management Leadership in the development of the security strategy and associated security services.
- Provide oversight on the implementation of the security architecture within the Claims Transformation programme.
- Work closely with the programme to ensure adequate delivery of security requirements in projects and programmes.
- A strong track record of developing security architectures
- Solid understanding of SDLC, including Agile methodologies
- Experience with a broad spectrum of technologies (including cloud variants and integrations)
- Ability to communicate technical requirements in solutions in business terms and contexts
- Relevant architecture qualification (such as SABSA or TOGAF), or equivalent experience
- Advanced knowledge of security frameworks such as NIST, ISF, SABSA, etc.
- Preference for CISSP