Security Architect

Marcus Donald are currently looking for a Security Architect to join a popular Financial service in the City of London.

The Security Architect will work as a member of the Global Cybersecurity team. The individual, with a broad cybersecurity plus systems and network architecture knowledge and experience, will deliver security assessments while supporting the direction, lifecycle management and leadership or security architecture and technology.

Security Architect – Responsibilities

• Developing, contributing and management of design patterns, reference architectures, security strategies and roadmaps applying security design principles to develop security solutions architectures providing strategic points of view for security solutions
• Developing and/or carrying out the strategic direction of security projects to enable execution of the information security strategy
• Developing security solutions to enable execution of the long-term security architecture in the cybersecurity product area

• Evaluating and assessing risk as part of lifecycle management
• Staying current with security technologies, as well as development techniques and methodologies in order to make recommendations for use based on business value

Security Architect – Technical Skills

• Moderate to significant Cybersecurity, engineering and design experience in Data Centre Systems, Cloud Infrastructure and Platforms (IaaS security, PaaS security)
• Experience doing threat-modelling of complex systems
• Experience in delivering comprehensive architecture specifications for complex infrastructure security solutions
• Experience with creating technical documentation: product documentation, technology, software and systems architecture, and technical whitepapers
• Experience with open-source security technologies
• Hands on cloud architecture, with knowledge and working experience in: OpenStack, Cloud Foundry, Server Virtualisation hypervisors (KVM, Xen, Hyper-V, VSphere), Linux Containers technologies (Docker, Mesos, Kubernetes), and distributed computing
• Experience with Linux and Linux security
• Strong understanding of relevant Industry Principles, Best Practices, and Standards, such as PCI, NIST, ISO, IEEE, and TCG
• Good understanding of the SSDLC process and follows the process to effectively develop and design solutions

Security Architect – Desirable

• Programming/coding and DevOps experience is a plus (Python, Java, Jenkins, Ansible, Chef)
• Experience with compliance, regulatory and legal requirements relevant to the payments processing industry such as PCI, SOX, Bank of England, and GDPR.

If you are interested in knowing more, and would like to review a full job spec, please either apply on here on contact me directly on lreynolds@marcusdonald.com