SC Cleared Security Architect

Pay rate : £625pd OUTSIDE IR35

Duration : 6 months

Responsibilities:

• Leading the definition and modelling of security architecture for the current and future capabilities to identify areas for improvement and comply with corporate, legislative, contractual, or regulatory requirements.
• Finding and directing pragmatic approaches for the security architecture to match business needs and adhere to broader reference architectures.
• Leading the identification, development, and management of security architecture principles & policies to ensure design, development, implementation and operating boundaries.
• Providing and leading on security architecture to ensure adherence to the strategy & architecture.
• Creating and communicating baseline security requirements to ensure consistency in designs and supplier contracts.
• Ensuring that all security architecture-related knowledge is digitised and readily accessible for use by other teams to access.
• Attending governance boards to align designs to architecture, strategy, principles, and policies.

Essential Requirements

• Degree in a relevant Business or IT technical qualification or equivalent of knowledge acquired through experience, other qualifications and training/development.
• Subject Matter Expert in a wide range of security technologies, with working knowledge of their integration, configuration and data needs.
• Certified to CISSP, CISM, CISA, CRISC, CCISO or equivalent professional certification.
• Relevant architectural experience, including an understanding of NIST, SABSA, TOGAF and Zachman or equivalent frameworks.
• Able to assimilate and consider issues from the technical, contractual and business perspective, supported by a pragmatic attitude to the implementation of security in a complex and diverse organisation.
• A good understanding of the approaches required to identify, quantify and address information security or cyber vulnerabilities in an organisation.
• Experience of IT Health Checks (CHECK), providing scope of works, analysis of ITHC reports and remediation plans
• Demonstrable experience in negotiation and influencing internal and external stakeholders.
• Makes sound and pragmatic decisions that affect long-term delivery, taking account of risk effects.
• Ability to articulate complex issues and concepts to a wide range of recipients both written and verbally.
• Strong, credible impact, with a demonstrated capability to resolve conflict; build, maintain and utilise relationships with key internal and external stakeholders to achieve optimum business goals.
• Collaborative working style with a clear focus on delivering outcomes.
• Track record of design and delivery of secure IT solutions.

Desirable

• Experience of the development and implementation of appropriate risk mitigation plans, policies, processes, and technical controls.
• Good working knowledge of an Information Security Management System and the ISO2700x/Cyber Essentials series of standards.
• Demonstrable experience in cloud architectures.
• Experience in systems delivery concepts including analysis, design, implementation, testing and support.
• An accomplished, credible and respected subject matter expert with well-developed communication, influencing and negotiation skills gained in a complex organisation undergoing significant transformation.
• Demonstrable experience in agile methodologies and frameworks.
• Demonstrable experience within a service management culture.
• Good understanding of ITIL methodologies and standards (ITILv3 and above, Foundation level) or applicable framework.