Cyber Security Architect
Job Description
South West (Hybrid) £70k-£80k
To Design And Implement A Robust Enterprise-Wide Cyber Security Architecture Function Within And Assisting With The Formation And Planning Of A Multi-Year Cyber Security Strategy.
Key Accountabilities
• Define, Document, And Embed A Set Of Security Architecture Principles That Will Guide All Projects, Programmes And Changes
• Define, Document, And Embed A Complete Set Of ISO27001 Compliant Security Policies, And Associated ISMS
• Develop Reference Architecture And All Associated Architecture Models For Identity Management And Privileged Account Management
• Consult On And Input Into The Redevelopment And Regular Testing Of The Company’s Security Incident Response Plan (For Both Cyber IT And Cyber OT)
• Inputs To The Strategic Planning And Oversight Of A Rolling Five-Year Enterprise Security Strategy That Takes Into Account Changing Threat Landscapes, Evolutionary Attack Methodologies And Evolving Technological Obsolescence Of The Company’s Digital Estate, In Conjunction With The Head Of Cyber Resilience And The Senior Security Manager, A Set Of KPIs Linked To The Company’s Enterprise Strategy And Production Of A Monthly KPI Report
• Provide Security Architecture Consultancy Into Other Areas Of The Business Projects And Ongoing Programmes Of Work, On Both A Planned And Ad-Hoc Basis
• Put In Place A Process That Ensures All New Systems (And Architecturally Significant Changes To Existing Systems) Have Security Architecture Reviews
• Work Closely With The Strategy And Architecture Team To Ensure Alignment With EA
• Work With The Cyber Security Team To Set Up The Team’s Processes And Frameworks
• Lead On A Number Of Cyber IT And OT Defined Projects.
What We Are Looking For
• Experience Of Use-Case Analysis
• Experience Of Systems Modelling And Design Using UML
• Experience Of Modelling Security Architecture Using Archimate Or Similar Tools
• Experience Of Using Architecture Modelling Software (E.G., Enterprise Architect)
• Familiarity With User Behavioural Analysis
• Hands-On Experience Of Driving An Enterprise Security Maturity Improvement Program
• Skilled In Reviewing And Analysing Whether Security Controls For Any Given System Are Suitable, Using Relevant Attack Modelling Methodologies.
• Develop Repeatable, Re-Usable Security Architecture Components, Models And Patterns
• Experience Of Drafting Security Solutions Design Documentation Sets
• Strong Experience In Identity Management And The Evaluation Of Access Models (Inc. SSO, MFA, RBAC, ABAC, EIDV Etc)
• Strong Knowledge Of And The Ability To Put Into Practice Global Information Security Standards Including ISO27002, CIS And NIST CSF