Job Summary –
Information Security Architect (Strong SailPoint Implementation and ForgeRock & RBAC) will develop and implement information security architecture and technology solutions to address the current and emerging information security and compliance requirements.
Years of experience needed – 15 years of experience (Strong SailPoint Implementation and ForgeRock & RBAC).
Technical Skills:
• Possessing or working towards certification in SABSA/TOGAF/Zachman/CREST Registered Technical Security Architecture (CRTSA)/CISSP – ISSAP (Information Systems Security Architecture Professional) and/or other architectural frameworks
• Strong experience in threat modelling, cyber security, vulnerability management, security testing; security risk experience
• BSc or MA/MSc in Computer Science, Information Security or a related field (e.g. IT Audit, Enterprise Risk Management, etc.)
• Certified Information Systems Security Professional (CISSP) or Global Information Assurance Certification (GIAC)
• Lead security architect experience
• Solid experience with regulatory compliance and information security management frameworks
• A self-starter with the ability to manage a team and implement change through an organisation
• Collaboration, especially with non-security specialists
• Ability to communicate a vision and establish an execution plan for that vision
• Excellent communication skills, both written and verbal. Ability to build strong relationships and influence decisions with internal and external stakeholders.
• A good understanding of project management methodology and how to implement security within it
• Good analytical skills and the ability to challenge the room
• An ability to be pragmatic while balancing the needs of the against security
Key Responsibilities
• Review existing security architecture, identify design gaps and recommend security enhancements
• Define frameworks, standards and tools to be used across all environments
• Serve as Information Security expert and trusted advisor.
Replacement Programmes
• Stay abreast of emerging security technologies and lead on integration into security architecture as appropriate
• Ensure alignment between security architecture frameworks and standards and overall strategic objectives
• Monitor security risk management across environments
• Act as Information Security expert during migrations and liaise with internal/external IT teams, vendors and hosting providers
• Achieve security architecture compliance on requirements, including but not limited to: GDPR, the UK Data Protection Act, the Computer Misuse Act, the Payment Card Industry Data Security Standard and ISO 27001
Certifications Needed:
- Certified Information Systems Security Professional (CISSP) or Global Information Assurance Certification (GIAC)
- Certification in SABSA/TOGAF/Zachman/CREST