Security Architect
6 months
Inside IR35
This role is for an Infrastructure Security Architect, with primary skills, experience and expertise in the architecting and deployment of infrastructure services, both Public Cloud and traditional on-premises Datacentre with a strong background in security. You will will provide technical leadership, design, implementation, integration, and oversight of the infrastructure security solutions The architect's primary responsibility will be to contribute to designing the security elements of IT solution architectures and leading the architectural design of security-specific capabilities, to ensure alignment to the Enterprise Principles, Roadmaps and Vision.
The candidate will utilize an extensive IT background, advanced security knowledge, an appreciation for compliance and risk management principles to develop and promote effective and sustainable solutions; educate stakeholders and champion embedding cloud security across all architecture and design.
Ideally the candidate will have knowledge and experience being proven across five or more years. The role will require a broad set of general technical understanding on both architecture disciplines and technologies. The capability to work alongside and with several key stakeholders, including both business and IT operational teams is vital.
Must have skills:
Strong background in security architecture, security design and defining security frameworks for the enterprise
Strong understanding of Network security (NGFW, WAF, NLB, Proxy), system or application security (microservices, NLB, SSL) and data security (Encryption)
Hands-on experience in Cloud (AWS/GCP/Microsoft Azure) security architecture, security engineering, or equivalent experience with vendor specific cloud certification. Azure a strong advantage
Network, Endpoint and Application logging concepts, best practice and monitoring systems including SIEM
Authentication, Authorisation and Accounting concepts, best practice and IAM management systems. OTP and MFA systems
Identity strategy, Active Directory Security including federated implementation, for example ADFS, SAML
Champion and oversee InfoSec design and implementation spanning cyber controls and architectural best practices
Collaborate with the Security Architecture and Assurance teams to ensure Cloud architecture adheres to organisational controls and advances security posture
Experience in securing DevOps or Software Supply chain practices and tooling, application security threat modelling & data security
Experience in Cloud formation & Terraform
With a focus on the below:
Operational Technologies
Experience with Azure infrastructure such as Account structures e.g. (subscription, tenant), Azure Active Directory, Azure Active Directory Domain Services, Service Principles, RBAC, IAM
Strong Windows server background on both physical and virtual (VMware) infrastructure
Strong experience in server migration elements to both on-premises and off-premises
VMware and Hyper-V experience and design
Ability to take a flexible approach to design with limited defined as-is architecture and NFR's
Ability to ensure architecture designs follow internal standards
Ability to understand complex requirements for application migration to the cloud utilising cloud native technologies
Migration of applications and services into cloud environment (Azure or vender SaaS platforms)
Desirable
Security certifications such as CISSP, CISM etc. are desirable
Experience of working in large organisations in regulated sectors (example utilities, finance)
Certification in recognised architecture frameworks (example TOGAF) and the ability to apply these in a pragmatic way would be an advantage
ersg are an equal opportunities employer; we are committed to promoting equality of opportunity for all job applicants. We do not discriminate against applicants on the basis of age, sex, race, disability, pregnancy, marital status, sexual orientation, gender reassignment or religious background; all decisions are based on merit.
