Senior Security Architect
|Job Type||Permanent Full Time|
|Area||London, United Kingdom|
- Our client, an exciting, cutting edge marketing agency, are looking for a Senior Security Architect to work internally and with client providing subject matter expertise in the security domain. You will be responsible for coordinating with the office of the CISO as well as other teams including Engineering & Architecture, IT and the various business units to ensure that the company’s digital ecosystem is secured, protected and defended and that the applications that they build are capable of resisting breaches. This includes participating in security governance and compliance activities, security architecture and design, application security, security testing and assessment, cyber defence and incident response.
This is a broad role and will ideally suit someone looking to move into management and build a team around them.
Key Responsibilities for the Senior Security Architect
Strategy, Governance & Risk
- Define and implement the overall corporate IT security strategy with the buy-in from operational and business stakeholders
- Develop and implement internal processes to ensure security
- Develop plans and implement systems and procedures to effectively secure company information, infrastructure, intellectual property, and users against accidental or unauthorised modification, destruction or disclosure
- Partner with the legal organisation to define and execute a risk and compliance roadmap with a governance structure.
- Perform risk, business impact, control and vulnerability assessments, and in defining treatment strategies
- Create and implement a Secure Development process
- Architect, design and implement security measures related to the company’s systems testing and validation procedures, programming and documentation (AWS, Google Cloud Security, Application Security, Vulnerability Management, Machine Learning, AI Sandboxing)
- Makes recommendations on toolset modifications and improvements, improvements on development processes and production application security support
- Ensures teams are validating for OWASP and performing industry leading application security practices.
- Guides and performs security activities including vulnerability testing and analysis, code review, static and dynamic code testing, ethical hacking and business logic exploit testing.
- Architect developing an automated framework for Security Tool deployment and development, leveraging various scripting languages and open source solutions
- Apply deep process and technical domain expertise within Security Operations as it relates to threat prevention, detection and mitigation
- Responsible for the engineering and design of the company’s security technologies
- Lead projects for security requirements relating to network design reviews & security testing
Skills, Knowledge and Experience required for the Senior Security Architect
- Experience working in a blended Senior level Information Security role combining strategy, GRC and technical security
- Experience of SDLC, Application Security or coding languages is desirable
- Knowledge of incident response and security analysis techniques is desirable
- Understanding of cloud technologies
- In depth knowledge of mapping business requirement to technology and ability to identify security gaps at architecture level
- Ability to communicate with Senior Stakeholders
- Knowledge of penetration testing
This is a very broad role so please do still apply if you don’t match 100% of the requirements and we can have a more detailed discussion.