Security Architect - Chelmsford, United Kingdom - Keystream

Keystream
Keystream
Verified Company
Chelmsford, United Kingdom

4 weeks ago

Tom O´Connor

Posted by:

Tom O´Connor

beBee Recruiter
Description

Job Title:
Security Architect

Function:
Finance and TechnologyLocation: South East / Remote

Daily rate:
£650 (Inside IR35)


Job Purpose:


As Security Architect, you will be responsible for development of the Security Architecture that ensures the appropriate protection of all aspects of security, (people, electronic, data, physical) in technical development and delivery in support of the Councilbusiness objectives and requirements ensuring alignment and adhering to the principles of simplification, sharing and re-use.


Service/Functional Accountabilities:


  • Responsible for the development, implementation, delivery and support of an enterprise information Security Architecture aligned to the strategic requirements of the Council.
  • Responsible for production of security specifications for tenders and provision of new services. Reviews and scores supplier and tender responses from a security perspective to ensure robust security posture.
  • Oversees implementation of designs and services from a security perspective to ensure that security is implemented in accordance with approved design and contractual obligations.
  • Key stakeholder, approver and gatekeeper for security in ITIL processes such as Change and Release. Authority for approval of all designs from a security perspective at the TOGAF design board.
  • Responsible for providing expert advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
  • Leading the Delivery of security innovation to the advantage of the Council by capturing and prioritising market and environmental trends, business strategies and objectives, and identifying the business benefits of alternative strategies ensuring alignmentto the Security Architecture.
  • Leading assessment an approval of technical design to ensure Information Security Architectural conformance which ensures effective protection of Council data.
  • Responsible for setting and maintaining Security Standards and Principles and ensuring they are correctly employed in all technical initiatives to ensure commonality of solutions design and implementation
  • Responsible for obtaining vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems to ensure appropriate protection of Council data
  • Leads the creation and review of a security capability strategy that meets the strategic requirements of the business
  • Leads collaboration and provides expert advice and guidance regarding security issues to Business Partners, Operational Teams and Suppliers to develop and present business cases, for highlevel initiatives, approval, funding and prioritisation compliantwith the Council Information Security Architecture
  • Commission and lead regular cross team security reviews of network firewall rules, webfilter rules, WAF rules, Conditional Access rules, MCAS rules, Windows Client firewall rules, onpremises, Azure, M365 and Oracle platform plus any new onboarded services.
Track remedial actions, issues and progress.

  • Specific individual and shared targets and objectives are defined annually within the performance management framework.

Budgetary responsibility:
Indirect responsibility and influence of budgets of more than £1M dependent on transformation programme initiatives influencing savings of up to £5M

Breadth of role:
Influencing senior level internal stakeholders, Members, and multiple external stakeholders.


Skills, Knowledge & Experience:


  • Accredited to ISC2 Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP) or similar qualification such as Axelos RESILIA and must have demonstrable understanding and capability to employ supporting frameworksand methodologies such as TOGAF 9.2, ArchiMate, BPMN, COBIT and IT4IT.
  • Evidence of relevant Microsoft Certifications such as Microsoft Security Architect, Microsoft Security Architect Expert, Azure Security Engineer, or M365 Security Administrator.
  • Evidence of continual professional development to keep pace with technical and business change that meet defined SFIA V7 competencies.
  • Able to demonstrate extensive experience in a Senior Security Architecture Role preferably working within a large Local Authority or with a Service Provider providing Public Sector Business Solutions and Architectural Services.
  • Must demonstrate a track record of leading and working within effective teams delivering Security Solutions that have been proved successful in meeting complex business requirements and in enabling standardisation, simplification, sharing and reuse.
  • Able to demonstrate a clear understanding and capability to work within relevant ICT related standards including IITIL V3, ISO/IEC 38500, ISO/IEC 27001, ISO/IEC 22301, ISO/IEC 20000, PRINCE2 and MSP.
  • Excellent customer service, written, verbal communication and presentation skills.
  • Experience in the use of Enterprise Modelling tools and methods such as EA Sparx and Orbus iServer.
**Please let us know if there is anything we can do to help make the recruitment process more accessible for you.
More jobs from Keystream
See all jobs of Keystream