Enterprise Security Architect (Technical Strategy)
Enterprise Security Architect (Technical Strategy)
£600 - £630 per day
The role of the Technical Security Strategy consultant is to support the development of technical security strategies and to provide the support necessary to delivery programmes in order to realise strategic objectives.
The role exists within the Security Strategy team, reporting directly to one of the Senior Managers for Technical Strategy. As a Technical Security Consultant, you will be working as part of a wider virtual team of Enterprise Architects, Solution Architects and Engineers on some of the most important Cyber security projects within the bank.
Main Responsibilities and Key Deliverables:
- Provide the following capabilities as required by the aligned Senior Manager for Technical Strategy or determined by the wider team work load alignment:
- Security Strategy Research on designated topics
- Security Strategy Artefact production
- Technical analysis of security challenges related to strategic delivery
- Security Consultancy on specialist strategic topics
- Embedded technical project oversight and directional support in significant security change initiatives where the strategy must be translated to delivery
- Accept ownership for technical related deliverables or challenges as defined by the aligned Senior Manager or by the lead Enterprise Architect.
- Work closely with vendors, platform teams and subject matter experts (SME's) where necessary in order to drive out architectural decisions, design statements and exceptions.
- Take the lead on solving security challenges and issues where the problem scenario is not covered by a pattern, standard or existing strategy. Seek guidance from Senior Security Strategy colleagues or Enterprise Security Architects where needed.
- Surface strategic and architectural decisions through the approved governance or oversight channels as defined by the bank's operating model.
- Where embedded within a project, act as a primary resource ensuring commitment to attend all appropriate calls and meetings in order to provide the level of support required.
- Develop the detail on new and existing security strategies in order that delivery programmes understand what needs to be achieved.
Knowledge / Experience:
- Industry recognised Information Security and Cyber Security qualifications is essential e.g. CISSP, CISM, SABSA, ISC₂
- Strong understanding of security industry trends, hot topics, commercial and vendor capability awareness
- Strong understanding of the security threat landscape, awareness of major historical and recent vulnerabilities, awareness of security industry responses to significant threats
- Strong understanding of Zero Trust security including detailed knowledge of concepts, industry whitepapers and practical implementations
- Educated to degree level desirable but not essential
- Experience supporting major programmes and other project based activities
- Security Architecture or Security Solution Architecture experience
- Understanding of Enterprise Architecture and Enterprise Security Architecture
- Experience in creating, reviewing and approving security designs
- A technical background in Cyber Security across one or more security domains, particularly Identity Access Management and Network Security
- Ability to work within traditional waterfall and "Agile" delivery methodologies
- Experience with collaboration and knowledge management tools such as SharePoint, Teams, Confluence and JIRA
The candidate should have significant knowledge of Cyber Security as it applies to Enterprise business and ideally exposure to risk or threat assessment techniques.
The candidate should have technical experience and demonstrable skill in one or more of the following areas:
- Knowledge of Security Architecture, best practices and experience of working with Enterprise Security Architecture frameworks. (essential)
- Network security devices including NGFW, UTM, NIPS/NIDS, VPN Gateway. (essential)
- Strong Authentication, Authorisation and Accounting concepts, privileged access management experience, IAM best practices and Identity Governance management systems. Knowledge of Modern Authentication e.g. OAUTH, SAML, OTP and MFA systems. (essential)
- Knowledge of data protection and DLP capabilities. Knowledge of data handling principles, data classifications, and data security knowledge. (essential)
- Security Control Frameworks e.g. ISO27001 and practical experience in their implementation. (desirable)
- Endpoint defence solutions including NGAV or EDR. Exposure to malware infection vectors and defence methods. (desirable)
- Endpoint and Server hardening principles, best practices. (desirable)
- Web application firewalls, network load balancers, proxy systems. (desirable)
- Network, Endpoint and Application logging concepts, best practice and monitoring systems including SIEM. (desirable)
Candidates will ideally show evidence of the above in their CV in order to be considered.
Please be advised if you haven't heard from us within 48 hours then unfortunately your application has not been successful on this occasion, we may however keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunities employer.
Apply for Enterprise Security Architect (Technical Strategy)
Already uploaded your CV? Sign in to apply instantly
* This is information that gets special protection under our privacy laws. It is information about your race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, genetic or biometric details, sex life and details of any criminal convictions or similar you may be subject to.
♦ The business of the Adecco Group UK & Ireland is transacted via a number of differently branded trading entities, as follows: Adecco UK Limited, Adia Technology Limited, Modis International Limited, Badenoch and Clark Limited, Ajilon (UK) Limited, Office Angels Limited, Penna plc, Pontoon Europe Limited, Roevin Management Services Limited, Spring Technology Staffing Services Limited.