Contract typePermanent Full Time
We now have an opportunity within our IT department for a Security Architect. This position is based from our head office in Bexhill.
Reporting to the Technology Director, the primary purpose of the role of Security Architect is to lead the development, implementation and maintenance of an Enterprise Security strategy and architecture that satisfies business requirements, whilst ensuring that it is aligned with technology strategies and complies with Enterprise Architecture (EA) principles and guidelines. The individual will cover all security aspects in core technology areas such as data, networking, infrastructure, software development, mobile and cloud platforms. They will also be responsible for managing the IT Security Engineering team in Technology Services.
Responsibilities will include:
· Develop the IT security strategy and roadmaps based on sound enterprise architecture practices and business priorities
· Develop and maintain a security architecture process that enables the company to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers
· Manage the assessment of gaps between the “As-Is” and “To-Be” Enterprise Security architectures and define transition strategies and roadmap for addressing them
· Ensure company core technology initiatives are designed and built with the correct levels of security and compliance
· Lead and develop the IT Security Engineering team
· Act as the security liaison to Technology, Data and Change teams
· Engage with business stakeholders to understand their propositions in order that business goals can be achieved securely or where necessary with full understanding of the risks involved
· Develop and maintain security architecture artefacts (models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations
· Track developments and changes in the digital business and threat environments to ensure that these are adequately addressed in security strategy plans and architecture artefacts, and incorporated into Hastings’ technology platforms.
· Review security technologies, tools and services, and make recommendations for their use based on security, financial and operational metrics
In order to be considered for this role you will have:
• 10 years experience in delivery of security design and building and deployment of security infrastructures
• 5 years experience of security strategies and technologies with experience of defining security architectures and roadmaps within a medium to large sized organisation
• 5 years implementation experience of a wide range of security products such as access audit tools, IDS, IPS, DLP, Firewalls, End Point security, encryption, proxies, DDOS protection, etc.
• Extensive hands-on security engineering experience of Operating Systems, Active Directory, Group Policy, Network Protocols, PKI, proxies, access management, etc.
• Proven technical leadership of IT Security in an enterprise organisation including managing and developing a team
• Experience of engaging with business stakeholders and helping them to understand their businesses security and risk profile
• Experience of securing public and private cloud solutions plus understanding of emerging security technologies for mobile and cloud
• Understanding of Identity, Federation and Authentication technologies e.g. SAML, OAUTH, etc. and cryptographic techniques and encryption services
• Experience in using architecture methodologies such as TOGAF
• Good experience and technical understanding of Public and Private Cloud technologies such as AWS, Azure and VMware
• In-depth knowledge of compliance to GDPR legislation and PCI DSS
In return for your skills and experience, you will receive a competitive salary along with an annual bonus, contributory pension, life assurance, along with Hastings Direct discounts and reward schemes. If the above looks and sounds like you then please do not hesitate and apply today!