Lead Information Security Architect


Reference: PM/Req/006502
Location: Maidenhead
Type: Contract
Status: Active
Salary/Rate: £637.50 per Day

Find out more about this vacancy and apply here

Digital Cyber Security Architect and IA Specialist to design and deliver, secure (agile driven), cloud based, digital IT solutions to a Government Office.
Headline statement
Influences the security of enterprise or solution architectures across the public sector or across the whole of a public sector organisation, or private sectors
Is typically responsible to an Enterprise Architect, Chief Information Officer, Chief Technology Officer, Departmental Security Officer or SIRO for all the responsibilities of a Senior IA Architect and:
Initiates development of new security architectures to mitigate emerging information risks
Influences senior stakeholders to comply with architectural principles and objectives
Presents the business case to Directors for strategic security investment in enterprise or solution architectures
Establishes training programmes for Security Architects
Mentors, supervises or takes responsibility for the work of less experienced Security Architects
Influences security architecture practices in widespread use across the public or private sectors

Candidates will be CESG Certified IA Professional Lead IA Architect
The resource will be required to ensure that specified security controls or other counter-measures they specify to mitigate, minimise, or treat discovered risks are pragmatic (in order to meet the requirements of the business), appropriate (ie commensurate with the classification and sensitivity of information assets) and cost effective (whilst appropriately mitigating threats to assets)
Additionally, the resource will be required to carry out information assurance activities against solution designs (delivered by others), to ensure they are appropriately secure.
Essential skills:
Have experience of physically delivering secure, digital, cloud hosted solutions using a variety of security products from a wide spectrum of vendors.
Have a track record of successfully delivering continuous improvement programmes across infrastructure services (eg group, global and/or multi-site).
Have experience of delivering open source security controls
Have experience of defining automated security testing
Have a successful track record for design and delivery of new technologies into existing Legacy environments
Have a good understanding of Identity management, identity life cycle management
Have a proven track record of successfully designing and building secure IT systems.
Have a proven track record of successfully using technology to strategic business advantage and commercial benefit
Be an articulate technologist with demonstrated ability to communicate complex technology solutions in layman’s terms to non-technical business clients
Possess a demonstrated ability to communicate complex technical solutions to peers.
Ideally have previous experience performing similar Digital Cyber Security Architect and IA Specialist role within UK government
Have a high level of business acumen and experience at interfacing between business and IT
Have knowledge of industry standard Enterprise/Solution Architecture frameworks – eg SABSA, TOGAF
Have a sound knowledge of the Data Protection Act (DPA) and its ramification on system development and data transfer and visibility
Have a good level of knowledge of existing and emerging technologies and of industry best practice in IT architecture, development and delivery
Further information:
The Digital Cyber Security Architect and IA Specialist is responsible for:
Delivering, Developing, maintaining all digital security architectures (eg Platform, endpoints, networks and application)
The overall security of the Cloud Hosted Digital Platform (CHDP) and all applications hosted on it
Ensuring that supplier or other proposed solutions are secure, technically sound and are aligned to the strategic and business requirements
Assisting in the development, definition and maintenance of the following:
o Security architecture
o Information Risk Assurance Reports (IRAR)
o Legacy RMADS
o Risk discovery, treatment and analysis
o Detailed reporting as required
Providing detailed guidance and input on the secure solution architecture to Business Designers and other stakeholders
Ensuring business operational models, architecture and requirements are supported by any delivered security architecture
Representing on relevant Architecture Management Groups/Boards
Participating in technical assessments/evaluation of IT products and services provided by third party vendors and suppliers
Providing security expertise and deliverables
Desirable Skills:
Systems architecture & architecture frameworks
System Integration
Agile methodologies

Lead Information Assurance Architect – CESG IA Professional – SC Cleared