Security Architect - Chelmsford, United Kingdom - Keystream
Description
Job Title:
Security Architect
Function:
Finance and TechnologyLocation: South East / Remote
Daily rate:
£650 (Inside IR35)
Job Purpose:
As Security Architect, you will be responsible for development of the Security Architecture that ensures the appropriate protection of all aspects of security, (people, electronic, data, physical) in technical development and delivery in support of the Councilbusiness objectives and requirements ensuring alignment and adhering to the principles of simplification, sharing and re-use.
Service/Functional Accountabilities:
- Responsible for the development, implementation, delivery and support of an enterprise information Security Architecture aligned to the strategic requirements of the Council.
- Responsible for production of security specifications for tenders and provision of new services. Reviews and scores supplier and tender responses from a security perspective to ensure robust security posture.
- Oversees implementation of designs and services from a security perspective to ensure that security is implemented in accordance with approved design and contractual obligations.
- Key stakeholder, approver and gatekeeper for security in ITIL processes such as Change and Release. Authority for approval of all designs from a security perspective at the TOGAF design board.
- Responsible for providing expert advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
- Leading the Delivery of security innovation to the advantage of the Council by capturing and prioritising market and environmental trends, business strategies and objectives, and identifying the business benefits of alternative strategies ensuring alignmentto the Security Architecture.
- Leading assessment an approval of technical design to ensure Information Security Architectural conformance which ensures effective protection of Council data.
- Responsible for setting and maintaining Security Standards and Principles and ensuring they are correctly employed in all technical initiatives to ensure commonality of solutions design and implementation
- Responsible for obtaining vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems to ensure appropriate protection of Council data
- Leads the creation and review of a security capability strategy that meets the strategic requirements of the business
- Leads collaboration and provides expert advice and guidance regarding security issues to Business Partners, Operational Teams and Suppliers to develop and present business cases, for highlevel initiatives, approval, funding and prioritisation compliantwith the Council Information Security Architecture
- Commission and lead regular cross team security reviews of network firewall rules, webfilter rules, WAF rules, Conditional Access rules, MCAS rules, Windows Client firewall rules, onpremises, Azure, M365 and Oracle platform plus any new onboarded services.
- Specific individual and shared targets and objectives are defined annually within the performance management framework.
Budgetary responsibility:
Indirect responsibility and influence of budgets of more than £1M dependent on transformation programme initiatives influencing savings of up to £5M
Breadth of role:
Influencing senior level internal stakeholders, Members, and multiple external stakeholders.
Skills, Knowledge & Experience:
- Accredited to ISC2 Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP) or similar qualification such as Axelos RESILIA and must have demonstrable understanding and capability to employ supporting frameworksand methodologies such as TOGAF 9.2, ArchiMate, BPMN, COBIT and IT4IT.
- Evidence of relevant Microsoft Certifications such as Microsoft Security Architect, Microsoft Security Architect Expert, Azure Security Engineer, or M365 Security Administrator.
- Evidence of continual professional development to keep pace with technical and business change that meet defined SFIA V7 competencies.
- Able to demonstrate extensive experience in a Senior Security Architecture Role preferably working within a large Local Authority or with a Service Provider providing Public Sector Business Solutions and Architectural Services.
- Must demonstrate a track record of leading and working within effective teams delivering Security Solutions that have been proved successful in meeting complex business requirements and in enabling standardisation, simplification, sharing and reuse.
- Able to demonstrate a clear understanding and capability to work within relevant ICT related standards including IITIL V3, ISO/IEC 38500, ISO/IEC 27001, ISO/IEC 22301, ISO/IEC 20000, PRINCE2 and MSP.
- Excellent customer service, written, verbal communication and presentation skills.
- Experience in the use of Enterprise Modelling tools and methods such as EA Sparx and Orbus iServer.
More jobs from Keystream
-
Senior Finance Officer
Hospitalfield, United Kingdom - 3 weeks ago
-
Euc Windows and Sccm Technical Specialist
London, United Kingdom - 3 weeks ago
-
Information Governance Consultant M365
New Works, United Kingdom - 1 week ago
-
Engagement Lead
London, United Kingdom - 2 weeks ago
-
Business Analyst
London, United Kingdom - 2 weeks ago
-
Service Delivery Manager
Essex, United Kingdom - 1 week ago