Cyber Security Architect- 12 month fixed term
Posted on Oct 10, 2020 by Willis Towers Watson
12 month fixed term contract, with possibility to extend further or become permanent.
The Cyber Security Architect is accountable for supporting Enterprise Architecture activities through creating high- and low-level security design deliverables that guide existing and developing business solutions to secure enterprise applications and information. This role has a focus on analysing security requirements for Infrastructure and Network security components such as perimeter security, secure web gateways, DDoS, WAF, protocols and so forth for both on-premise and cloud environments and developing standards and design solutions for their implementation.
- Develop and maintain High- and Low-Level design documents including Reference Architectures, Security Configuration Standards and Solution Diagrams.
- Ensure all designs align with Company Information Security requirements, Policies, and Standards to help ensure delivery of secure solutions
- Analyse business processes, environments and applications in order to identify areas of security risk and develop secure controls and solutions to address them.
- Develop technology visions and strategies that support and enhance business strategy
- Understand security and technology trends and the practical application of existing, new, and emerging technologies to enable new and evolving business and operating models.
- Perform vendor evaluations and participate in proof-of-concept validations to further ensure designs and recommendations will achieve required objectives.
- Work with implementation and operational teams to ensure thorough understanding of the security controls to be implemented.
- Consult with application and infrastructure development projects to build security into broader enterprise applications and processes.
- Understand secure solutions and technology with enough depth to identify specific secure settings to achieve compliance with designs and standards.
- Develop, communicate, and deploy Enterprise Architecture processes, reference architectures, technical standards/strategies and blueprints and patterns.
- Establish strong working relationships with other enterprise Architects and business Information Security teams.
- Maintain in-depth knowledge of the organisation's technologies and architectures
- Sound IT Security experience with recent experience in a Security Architect role focusing on Cloud IaaS (Microsoft Azure) and SaaS (Microsoft O365) environments
- Experience in Data Loss Prevention (DLP) and Information Classification tools, O365 DLP and Azure Information Protection preferred.
- Understanding of key network and infrastructure security solutions such as Firewalls, SD-WAN, WAF, DDoS protection IPS, Web Proxy, etc.
- Understanding of SASE solutions and cloud-based service delivery of traditional security controls (eg Proxy, Firewall)
- Experience or involvement in cloud infrastructure security designs, MS Azure preferred
- Broad knowledge of Information Security, IT and industry best practices
- Understanding of agile methods and processes, and capability of supporting agile project teams
- Excellent understanding of best practice infrastructure and network architectures
- Awareness of data residency issues and effects on secure solutions (eg GDPR)
- Qualifications: CISSP, Cloud or other relevant certification preferred