Security Architect

Security Architect

Whitehall Resources require a Security Architect to work with a key client based in Essex, working remotely for now.

**Please note that this role has been deemed as Inside IR35**

Role Description:

The focus of your role
* Driving beneficial security change into our clients’ businesses through the development or review of architecture;
* Managing known or emerging security and information risks by initiating or influencing the development of new security architectures and compliance with architectural principles and objectives;
* Acting as a focal point for mitigating and resolving security and information risks affecting our clients’ existing solutions and any alternative or new solutions we deliver for them;
* Designing, developing and helping to implement technical, physical, personnel, process and procedural security controls for our client’s existing and new solutions;
* Checking our clients’ solutions comply with applicable laws, regulations, standards, policies and guidance on security and information risk management;
* Providing security thought leadership (on specific assignments and to the market at large);

What you’ll bring
* HMG Experience and your understanding of security architecture and a specialism in one of the following:
* Security architecture consultancy (e.g. shaping the security of an enterprise, systems or services in one or more industry sectors)
* Security design (e.g. using recognised techniques, methods and frameworks to design solutions that enable business objectives whilst managing information security risks adequately with balanced, cost effective security controls). This includes experience in determining security requirements and producing security architecture design documents;
* Audit (e.g. assessing the appropriateness of the security architecture and specific configurations deployed across an enterprise or was part of a specific solution, assessing and advising on compliance with significant standards and regulations such as PCI-DSS, SOX, DPA etc)
* Digital/web services and solutions, ideally where open source and cloud technologies have applied agile development methodologies.
* It is essential that they have experience of working in large and complex programmes, where business transformation is equally as important as IT change

And your skills in any of these areas:
* Client-facing with strong stakeholder management skills
* Ability to balance security and information risk against requirements such as usability, agility and cost;
* Ability to translate security policy requirements sensibly into technical solutions;
* Ability to quickly recognise and overcome ambiguity;
* Propensity to think innovatively (recommending alternative solutions to meet security requirements);
* Strong appreciation of the pros and cons of security enforcing solutions from a business perspective;
* Demonstrable success in delivering security-related projects;
* Relevant professional certification e.g. TOGAF, SABSA, CISSP or similar (or commitment to achieving such). and CCP SIRA accreditation
* Be able to rationalise complex information to make it understandable for others to work with
* The ability to work independently, proactively and with versatility in responding to changing circumstances is essential.
* The candidate will need an eye for detail, excellent communication skills and be able to interrogate reported information and challenge sources where inconsistences are found.

All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description.