Security Architect - London, United Kingdom - Ocorian

    Ocorian
    Ocorian London, United Kingdom

    Found in: Talent UK C2 - 2 weeks ago

    Default job background
    Full time
    Description
    Job Description

    Purpose of the Job

    Reporting to CISO; the Security Architect is responsible for designing, implementing, and maintaining the security architecture of our organization. You will work closely with cross-functional teams to identify security requirements, assess current systems, and develop comprehensive security solutions to safeguard our assets. The ideal candidate will possess a strong background in information security, a deep understanding of emerging threats, and a proven track record of implementing effective security measures.

    Main Responsibilities

    • Security Architecture Design: Develop and maintain the overall security architecture framework, ensuring alignment with business objectives and regulatory requirements.
    • Risk Assessment: Conduct regular risk assessments and vulnerability analyses to identify potential security weaknesses and recommend mitigating controls.
    • Security Policies and Procedures: Establish and enforce security policies, standards, and procedures to maintain the confidentiality, integrity, and availability of assets.
    • Technology Evaluation: Evaluate new security technologies and products, making recommendations for their integration into existing systems to enhance overall security posture.
    • Incident Response Planning: Develop incident response plans and lead incident response efforts in the event of security breaches or incidents.
    • Security Awareness and Training: Provide security awareness training to employees and promote a culture of security awareness throughout the organization.
    • Compliance and Audit Support: Ensure compliance with relevant regulations and standards (e.g., GDPR, ISO and support internal and external audits as needed.
    • Security Governance: Collaborate with key stakeholders to establish and maintain effective security governance processes and structures.
    • Security Testing and Assessment: Coordinate and oversee security testing activities, including penetration testing, vulnerability scanning, and security assessments.
    • Participate in designated projects and business initiatives as the security subject matter expert.
    • Review and uncover new and evolving threats and report these to Infosec with appropriate plans for combating such threats
    Qualifications

    Experience, Skills & Experience

    Preferred experience in some of the following areas:

    • Identity and Access Management
    • Application Security, cryptography, and protocols
    • Secure System Development Live Cycle
    • Security Incident Management and monitoring
    • Security Operations, and Cyber Security
    • Vulnerability management and penetration testing
    • Information Security Management, Risk Management, and Asset Security
    • Computer, IT Security, Network Security, and Cloud Security
    • Security standards, laws, and compliance
    • Experience in implementing security controls to improve system/platform overall security.
    • Knowledge and experience with identifying and understanding the most common application security vulnerabilities (OWASP Top 10)
    • Ability to work independently and pro-actively contribute to a global team environment.
    • Excellent interpersonal, communication and presenting skills; able to concisely communicate security risks to both technical and business audiences

    "Nice to have" experience in:

    • Digital Transformation Programmes
    • Agile Methodology
    • JAVA, .NET, PHP, Ruby, Perl, Python and/or C/C++ experience
    • Industry certification from vendors: ISC2, ISACA, GIAC, EC-Council, CompTIA, ITIL, Comptia Security +
    • Knowledge in Risk and Compliance Management, Operational Models, Business Continuity Plan, Disaster Recovery Plan

    #LI-SM1

    #LI-Hybrid

    Additional Information

    All staff are expected to embody our core values that underpin everything that we do and that reflect the skills and behaviours we all need to be successful. These are:

    • We areCLIENT CENTRIC – Clients are at the centre of our world, and we're committed to providing expertise and specialist solutions to meet their most complex challenges.
    • We are AMBITIOUS – We aim high. We think and act globally, seizing every opportunity to delight our clients and support our colleagues - wherever in the world they may be.
    • We are AGILE – We act on our initiative to get things done for our clients. Our independence gives us the flexibility and freedom to keep things simple, efficient and effective.
    • We are COLLABORATIVE – With a curious mindset, we ask the right questions to get to the right solution, for our clients faster. We collaborate to win together and share our successes.
    • We are ETHICAL – We behave with integrity at all times and assume positive intent, building trust through responsible actions and honest relationships.