Security Architecture Specialist at Datacentrix

• Managed Talent Solutions client is lookng for a Security Architecture Specialist on a 12 month fixed term contract.  You must have 5-8 years experience in securty architecture and need to ensure alignment and compliance to company’s global information management overarching architecture standards and principles.
• Involves end-to-end archtecture lifecycle, from analysis, design to overseeing compliance of implementated solution. It requires architecture knowledge of the overarching holistic view, and high-level knowledge of the peripheral applications, and detailed knowledge of specific infrastructure and applications.
• This work involves analytical judgement and the ability to interpret new data and design/develop new routines in response these changes.  It involves problem solving both in current and future trends/predictions where pathways/ and steps are unknown and must be defined in response to changing situations
• The company’s architecture & standards review board and the technical solutions review board are two of the key governance processes whereby new technologies or changes to the existing technologies are validated from Infrastructure-Application-Information-Security Architecture point of view before introduced into the company’s landscape.

Requirements:  

• Degree in IT or equivalent  
• Professional certifications and experience in Information Security from industry standard security frameworks, e.g. ISACA, BCS, CIPP, ITIL, Crest, ISC2, COMPTIA and key security vendors including Microsoft, Crowdstrike, Qualys, IBM.
• 5-8 years experience in end-to-end archtecture lifecycle, from analysis, design to overseeing compliance of implementated solution. 
• Understanding of network protocols, architectures, and components
• Familiarity with firewalls, intrusion detection/prevention systems (IDS/IPS), and network monitoring tools
• Ability to configure and manage network security devices
• Proficiency in securing various operating systems, including Windows, Linux, and macOS
• Knowledge of system hardening techniques, patch management, and access controls
• Ability to monitor and analyse threat intelligence sources to identify potential risks
• Understanding of threat actors, attack vectors, and emerging cyber threats
• Experience in performing security assessments and penetration testing
• Understanding of encryption algorithms, key management, and secure communication protocols
• Ability to implement encryption solutions to protect data at rest and in transit
• Experience in configuring data loss prevention (DLP) policies and monitoring data flows
• Understanding of DLP solutions to prevent unauthorized data leakage
• Knowledge of cloud security principles and best practices.
• Experience with securing cloud environments on platforms like AWS, Azure, or Google Cloud
• Understanding of secure coding principles to develop and maintain secure applications.
• Awareness of relevant cybersecurity regulations and standards (e.g., GDPR, HIPAA, NIST)
• Understanding of TCP/IP protocols, subnetting, routing, and network architecture
• Ability to analyse network traffic and identify anomalies
• Familiarity with digital forensics tools and practices to investigate security breaches
• Understanding of mobile device security, including mobile operating systems and application security

Key responsibilities:

• Work closely with the review board facilitators to review submissions from security perspective and seek alignment. Ensure that all open questions are addressed in sufficient level of detail, and risks are highlighted
• Keep track and follow-up on all security related actions and conditional approvals
• Enhance and where necessary introduce checklists and guidelines for review boards and Project Management Office.
• Escalate discrepancies to global information management Architect(s) and/or information management security.

Project design review:

• Perform project related architecture design review and clear direction with Security team (and other Architecture disciplines within the broader global information management EA & governance teams). The design reviews includes cloud solutions (especially Microsoft Azure) and on-premise solutions.
• Feedback lessons learnt into Security Architecture collaboration space for continous improvement
• Provide valued input into Security Architecture function to ensure a comprehensive security architecture framework, standards, reusable security patterns and checklists.
• As subject matter expert working closely with global information management Architecture teams, Application development & Integration teams and Infrastructure Services teams to set comprehensive security architecture framework, overarching principles, global security architecture standards, reusable security patterns & best practises (e.g. OWASP - Open Worldwide Application Security Projects), pragmatic hardening guidelines (e.g. CIS benchmarking), relevant compliance checklists
• Activities related to improving Cyber Resilience positioning using the NIST framework, with the key focus on the pillars protect & recover.