i-confidential has an excellent opportunity for a Security Design Consultant to join an existing team with one of our retail banking clients.
The role is within a Security Engineering and Design team. The role involves working with Banking labs and projects to help deliver secure financial products and services. This will require obtaining a deep understanding of various technologies in order to produce or provide input into the necessary design or solution documents. This role will involve providing cyber security leadership within projects and labs, working with security teams and SMEs to ensure standards are met or surpassed as well as with product owners, vendors and developers.
Main Responsibilities and Key Deliverables
- Security Architecture and Solution Architecture
- Security Engineering and Design
- Security Consultancy
- Participate within each project as a primary resource ensuring commitment to attend all appropriate calls and meetings as agreed with the project manager.
- Accept ownership for technical related deliverables as defined by the project scope.
- Manage requirements from stakeholders within each project and collaborate on challenges
- Analyse security risk within each design as appropriate to the scope
- Design and implement security controls using a combination of Enterprise Architecture Patterns, Security Standards and bespoke deliverables.
- Threat model a solution to identify the security requirements
- Document the security design articulating how the design meets the security requirements
- Risk assess control weaknesses and have an understanding of Risk management frameworks
- Work closely with vendors, platform teams and SME’s where necessary in order to agree architectural decisions, design statements and exceptions.
- Take the lead on security architecture decisions and issues
- Provide security support for assigned projects at review committees, boards or forums in order to facilitate the project through governance.
Technical Skillset
The candidate should have experience and knowledge of a broad range of IT security principles and associated technologies and Cyber Security as it applies to Enterprise business and ideally exposure to risk or threat assessment techniques.
The candidate should have technical experience and demonstrable skill in one or more of the following areas:
- Cryptographic knowledge including encryption, key exchange, certificate handling and protocols (x509, PKCS12 etc)
- Security Control Frameworks e.g. ISO27001 and practical experience in their implementation
- Security Architecture principles, generic best practices
- Network security devices including NGFW, UTM or NIPS/NIDS
- Endpoint defence solutions including NGAV or EDR. Exposure to malware infection vectors and defence methods
- Endpoint and Server hardening principles, best practices
- Web application firewalls, network load balancers, proxy systems
- Network, Endpoint and Application logging concepts, best practice and monitoring systems including SIEM
- Authentication, Authorisation and Accounting concepts, best practice and IAM management systems. OTP and MFA systems.
- Active Directory Security including federated solutions using ADFS, SAML etc
- Exposure to cloud security models including public, private and hybrid concepts
- Application security including web applications, SaaS services etc
- Data handling principles, protective marking/tagging and data security knowledge.
- Application Security
- Securing DevOps pipelines
- Containers - Docker/Kubernetes
- Securing Cloud (Azure, Google)
- Integrating on-prem services with cloud services
- Microservices architecture