AddressOverview: My client is seeking a Security Architect to join their Security Services Team. The Security Architect will design, implement, and maintain robust Security Architectures, ensuring cybersecurity measures are integrated into all IT projects. The ideal candidate will have a strong technical background in cybersecurity, particularly in cloud security, and possess excellent communication and leadership skills.
About My Client's IT & Telecom Services: My client's IT & Telecom Services department provides IT and telecom services to the holding company and its operating companies. The department ensures a robust IT foundation, supports and develops group systems, manages system integration, sets IT policy and governance standards, and leads information risk activities. Serving approximately 4,000 IT customers and 200 sites, it operates in a hybrid-cloud environment with a significant presence in Microsoft Azure.
Responsibilities and Duties:
Security Architecture:
- Develop and implement comprehensive Security Architectures, strategies, and frameworks to protect my client's information assets, infrastructure, and digital footprint, with a strong focus on Microsoft Azure.
Security Design:
- Design and architect security solutions based on organizational requirements. This includes providing input, reviewing, and signing off on relevant project artifacts (e.g., High-Level Design, Low-Level Design, Change Requests, Acceptance into Service Artifacts).
Collaboration and Security Oversight:
- Collaborate with cross-functional teams, including project managers, network engineers, system administrators, and developers, to ensure security requirements are met throughout the project lifecycle. Oversee collaborators' activities to ensure compliance with security standards and policies.
Security Assessments & Remediation:
- Conduct internal security assessments and develop technical responses to penetration tests, third-party security assessments, and vulnerability scan findings.
Incident Response Plans:
- Provide technical input into incident response plans, outlining procedures and protocols for cybersecurity incidents.
Manage Cybersecurity Incidents:
- Serve on the panel for managing and responding to major cybersecurity incidents. Coordinate with the incident response team to contain incidents, mitigate damage, and restore operations. Be available for escalation on-call, potentially involving some out-of-hours work during major incidents.
Continuously Improve Cybersecurity Capabilities:
- Stay updated with emerging threats, technologies, and best practices to improve cybersecurity capabilities. Conduct research, attend conferences, and collaborate with cybersecurity professionals.
Support the Security Service Function:
- Assist and support the broader Security Services function as a cybersecurity subject matter expert. This includes mentoring junior staff and deputizing for similar roles during leave periods.
Work Relationships:
Reporting to:
- Security Services Manager
Internal:
- Wider IT & Telecom Services team
- Business teams
Within Operating Companies:
- IT Managers
- Business teams
External:
- Third-party Suppliers & Vendors
Experience and Competencies:
- Experience in leading Security Architecture.
- Strong understanding of IT security risks, processes, and services.
- Familiarity with the NIST framework.
- Excellent communication skills with the ability to clearly convey information to business and IT users.
- Proficiency in reporting, documentation, and presentation.
- Ability to work independently and as part of a team.
- Strong interpersonal skills.
Qualifications and Certifications:
- Bachelor's Degree in IT, Computer Science, Cybersecurity, or a related field.
- Relevant cybersecurity certifications.
- Relevant Microsoft Azure / Cloud-Security certifications.
- Experience working with third-party vendors, including MSP & SOC.
- 5+ years of experience in cyberSecurity Architecture.
- Strong technical background in cybersecurity.
- Experience developing and implementing incident response plans.
- Excellent communication and leadership skills.
This role demands a proactive approach, technical expertise, and strong collaborative skills to maintain and enhance the security posture of my client.
