Senior Lead Security Architect

ABOUT THE ROLE & TEAM:

As a Security Architect you will drive infrastructure security strategy. You will also provide governance for the creation of secure infrastructure and the technologies securing that infrastructure. You will interface with the other architecture disciplines, DevOps teams, product management and other stakeholders in achieving this. 

As the Senior Lead, you will support the practice manager in leading the team, providing advice and mentoring for the other members. 

WHAT YOU WILL DO:

·       Own the security architecture strategy.

·       Provide security architecture Guidance & Guardrails through the infrastructure lifecycle (technology acquisition, design, development, deployment, operations and disposal).

·       For Guardrails, work with DevOps teams and Product Owners in development of policies, configurations, infrastructure as code and other automations of security controls

·       Provide approvals for enterprise and solution architects at key stage gates that the infrastructure has been designed in accordance with security architecture governance.

·       Document governance and approval decisions in wikis, architecture documents, blueprints and other artefacts.

·       Provide leadership & governance around the technologies that secure the infrastructure: Architecture strategy and provide security architecture Guidance & Guardrails.

·       Provide security input to Product Managers at ideation stage when assessing potential new technologies, products & solutions.

·       Research emerging infrastructure security technologies and trends.

·       Act as back-up and support for practice manager.

·       Mentor security architects and product security managers, helping in their personal development.

EXPERIENCE:

·       10+ years’ experience in a complex IT environment, with cyber security experience within the last three years.

·       Degree in a technical discipline (e.g. Information Security, Computer Science, Engineering, Mathematics, etc.) or sufficient work experience to demonstrate proficiency at this level.

·       CISSP, CISM or similar certification in security field.

·       Exposure to, or certification in at least one of the following: TOGAF, SABSA, SaFE, ITIL 4 Strategic Leader.

·       In-depth knowledge of technical cyber security controls and their applicability to complex infrastructure and application architectures, including but not limited to: Next-Generation Firewalls, Network IDS / IPS platforms, Web Application Firewalls, EDR, encryption technologies, identity & access management, logging & monitoring (SIEM), vulnerability management etc.

·       Strong understanding of cloud-based architecture and development (Infrastructure as Cloud, CI/CD pipelines), cloud-based security controls (SASE, CSPM, CASB) and security automation (Ansible, Terraform, Puppet).

·       Knowledge and demonstrated application of key security principals to architecture: defense in depth, zero trust, least privilege, segregation of duties. 

·       Strong communication skills, especially in taking complex technical information and presenting it to a non-technical audience.

·       Proven ability to work with DevOps teams to plan projects, deal with technical issues and provide knowledge transfer.

·       Excellent interpersonal skills, including the ability to influence and work with teams with different reporting lines.

NICE-TO-HAVE:

·       Understanding of DNS, PKI, privileged access / identity management, data privacy / security principals and experience working with Data Loss Prevention techniques and technologies.

·       Vendor certifications, particularly in cloud and network security (Azure, AWS, VMWare, Palo Alto, Fortinet, Cisco, Juniper, Versa Networks).

·       Previous experience of Agile and / or DevOps methodologies.