London, United Kingdom
Location: Stockton on Tees
Contract Type: Permanent
Salary: £100,000 DOE + Benefits
We are currently seeking a Security Architect to take responsibility for setting the software security standards for the products/platform across the whole of the group.
Working across cross-functional agile engineering teams, you will work closely with technical teams and construct a gap analysis of current security standards and a plan to move to a consistent engineering-based approach group-wide. You will work with Technical leaders in the business to help build KPIs and other metrics to aid decisions on prioritisation for managing technical debt.
As the Security Architect for the business your role will play a key part in building market leading products that are secure, performant and scalable, using the latest technologies that are aligned with company vision and standards.
What will you be doing?
As a Security Architect your role will include the following:
Design and Implementation
- Design security standards and best practices aligned with overall business and technology strategy
- Design security architecture elements to prevent and mitigate threats as they emerge.
- Work with Architects/Operations to review and design solutions that balance business requirements with information and cyber security requirements
- Work with Architects/Operations/Scrum Masters to build roadmaps on how to deliver in an agile manner
- Review of code for architecturally significant areas
- Be involved in maintaining the KPIs/metrics around security standards for the products
- Liaise with the Operations/Scrum Masters to coordinate regular penetration and vulnerability tests
Planning, Organizing & Delivery
- Ensure security roadmaps are always current and up to date
- Ensure security KPIs/metrics are always current and up to date
- Manage a training plan for team
- Initiative, Innovation & Change
Identify and communicate current and emerging security threats
- Continuously look for ways to improve effectiveness and productivity and provide innovative solutions to difficult problems
- Knowledge sharing of technology/trends to teams
What skills and experience do you need to have?
We’re looking for someone innovative with the following skills and experience:
Degree in computer science, software engineering or cyber security would be advantageous
- Experience in improving toolchain security, particularly through automated end-to-end pipeline delivery
- Experience of setting and enforcing code quality standards
- Experience of implementing at least one secure SDLC methodology
- Understanding of REST APIs
- Understanding of Web Architecture
- Expertise in Identity and access management (IAM) frameworks
- Experience of presenting and training various people in an organisation security standards and best practices
- Ability to explain complex concepts to diverse audiences
- Experience of Agile methodologies
- Amazon Web Services experience
- Experience in conducting ethical hacking and penetration testing
- Experience of security for mobile applications (phone, tablet)
- Active in the White Hat and/or bug bounty community
- Certified in recognised industry security qualification:
- Certified Information Systems Security Professional (CISSP)
- Information Systems Security Architecture Professional (ISSAP)
You’ll be a passionate and collaborative individual who can work with various disciplines to achieve your goals, you will be analytical and Inquisitive as well as a subject matter expert in security to enable you to explain technical topics to those without a technical background. You will be a good communicator with both initial teams and others around the business
Why you should apply...
We believe in creating a culture of engagement and reward to develop employee potential and offer long-term career success. To help with that, we offer the following:
- Generous holiday allowance
- Private medical healthcare
- Life assurance
- Competitive salary and bonus scheme
- Additional benefits, such as Bike to Work, Childcare Vouchers and discount schemes.