Cyber Security Architect

We are growing and looking to recruit a Cyber Security Architect with experience of supporting clients in the Public sector. We’re looking for an enthusiastic and driven individual to join our team. Client satisfaction is paramount to us and therefore strong customer facing skills are a must.We are a small Consultancy with big plans for growth, offering a clear career path and family based approach to our team, Partners and Clients.A UK Government Security Check (SC) clearance is required for this role. If you don’t hold SC clearance, we will support you to apply as long as you have lived and worked in the UK continuously (no longer than 6 months abroad) for the last 5 years.As a Cyber Security Consultant, you will be a subject matter expert in secure design, risk management and compliance with demonstratable experience in highly regulated industries, specifically UK Government and Defence.You will build effective working relationships with delivery team members and Cyber Security Specialists customers and operate with and without supervision as a Security SME across multiple Client projects.ResponsibilitiesLead client-specific security and assurance of complex, cloud-centric data and digital services across entire lifecycle (strategy, design, implementation and operations)Provide specialist advice and knowledge of UK Government security architecture and assurance to OFFICIAL and above classifications.Provide specialist advice and knowledge of Public Cloud (Azure and AWS) cloud-based security architectures.Define and lead external security testing (ITHC, Pen Testing, etc) of solutions on the public cloud native platforms and Software as a Service (SaaS) solutions.Perform risk assessments of on-premise and public cloud hosted solutions and identify any control gaps and residual risks.Establish security requirements for cloud-based solutions by evaluating business strategies and requirements, implementing security standards such the NIST Cyber Security Framework.Identify and deliver appropriate controls based on industry standards (e.g. NCSC Cloud Security Principles) to drive cloud and customer security solutions framework based on business risk and cloud native threats.Continually evaluate new threats in the cloud, to identify the impact on IT and the business to develop and implement security controls.Provide direction, analysis and design facilitation to develop, maintain and govern a customer security architecture.Ensure that architecture principles, designs, technologies, methods and practices are properly executed.Perform Cyber Security Maturity Assessment to known standards such as the NIST Cyber Security Framework.Key Skills and ExperienceCloud security concepts, technologies and best practices for delivering security across IaaS, PaaS, SaaS and Serverless architectures.Significant public cloud (AWS and Azure) and hybrid cloud security architecture experience across multiple domains: Cloud, Network, Infrastructure, Application, Data, IAM.Implementing Information Security and Privacy Standards and Frameworks (e.g. ISO 27001, NIST, CIS).Working directly with engineering teams and architects to review system/data architectures through the development of patterns and industry best practice.Understanding and articulating the impact of vulnerabilities and required controls and mitigations on existing and future designs and systems.Demonstrate a solid understanding of security concepts and can apply them to a technical level to guide engineering teams.Ability to conduct Risk Assessments and effectively translate and accurately communicate security and risk implications to technical and non-technical stakeholders.Manage delivery manager and stakeholder expectations and be flexible, adapting to stakeholder reactions to reach consensus.Nice to have SkillsFormal security certifications e.g. CISSP, CISM, AWS Solutions ArchitectWorking within environments utilising DevOps, DevSecOps, SRE, CI/CD, Infrastructure & Security as Code (Docker, Git, Terraform)Good understanding of Data Protection & GDPRPackage£40 – £65k per annum dependant on skills and experienceUp to 10% annual bonus (if targets met)Funded InfoSec training and time allocated for self-studyFlexible working policy (within core business hours)Hybrid working – Company HQ in Altrincham (South Manchester)

#J-18808-Ljbffr