We are looking to engage with several Security Architects and Security Specialists to assist ongoing financial services projects. Please note these roles are contract and fall inside IR35.
Ideally, we want to engage security specialists and architects who will act as an SME in security standards, requirements and associated governance processes. You will be expected to support a number of projects at any one given time, providing advice and approval for the content within security engineering.
- Provide the following capabilities as required by the project or determined by the work load alignment:
- Security Design
- Security Consultancy
- Security Architecture
- Accept ownership for technical related deliverables as defined by the project scope. Agree these deliverables with the aligned Engineer for the portfolio to ensure strategic and risk reduction adherence. Work with the project manager and business analyst to ensure any critical success factors or business objectives are reasonable and can be met.
- Analyse security risk within each design as appropriate to the scope and ensure that all interested stakeholders are informed or consulted where necessary.
- Design and implement security controls using a combination of Enterprise Architecture Patterns, Security Standards and bespoke deliverables.
- Take the lead on security architecture decisions and issues where the problem scenario is not covered by a pattern or standard. Seek guidance from domain architects or domain engineers where appropriate.
- Works with delivery leads, solution architects and infrastructure engineers to produce detailed security designs to the client's standards
- Provide security architectural SME knowledge and design engineering effort that leads to the creation of high quality solutions that comply with all relevant policies and Security Standards.
- Current CISSP / CCSP (or equivalent)
- Broad understanding across Cyber Security domains
- Knowledge of Cyber Security as it applies to Enterprise business and ideally exposure to risk or threat assessment techniques.
- Exposure to cloud security models including public, private and hybrid concepts
- Security Control Frameworks e.g. NIST, CIS & ISO27001 and practical experience in their implementation
- Experience authoring, maintaining and consuting from Security Standards
- Financial services experience desirable
- Ability to explain detailed technical concepts to non-technical colleagues