IT Security Architect
£600-650 per day. Outside IR35
Homeworking for foreseeable.
When the risk of COVID infection is eliminated or much reduced, we envision many of the team activities to take place at our offices in Edinburgh, for at least part of each week.
An experienced IT and Information Security Architect is required to support us in the development and maturing of our IT and Information Security capabilities, and to support other teams within the organisation in the development of their services in a secure fashion.
We have made significant strides aligning its IT Development and IT Enablement capabilities with a common technical strategy in pursuit of our corporate objectives. The Enablement teams provide platforms that Development teams use to develop products that support Operational colleagues in their registration work.
The organisation's ambition is to have enduring teams aligned to Enablement platforms and Product Development domains ensuring ownership and the ability to safely maintain and improve the estate. This will involve re-developing or replatforming much of our IT estate to the cloud.
IT Security is one of four IT Enablement domains established in the last three years to enable us to deliver high quality, secure and resilient digital products. IT Security provides the enduring function to prevent, detect and respond to threats; and to provide assurance for services within the organisation. The team is multi-functional with a strong collaborative and agile culture.
IT Security are working closely with other Enablement teams to support the adoption of Cloud services (AWS, M365 etc) and the internal Risk and Governance teams to provide a strong, assurable framework for security control assessment.
Within the timeframe of this contract, define, agree and lead the technical implementation of a comprehensive IT Security Roadmap targeted at the following objectives:
- Delivery of a Privileged Access Management solution for the organisation
- Delivery of a Firewall Assurance and Automation toolset for the organisation, including direct integration into ServiceNow for workflow automation
- Maturation of an ISO 27001-based standards framework for the IT Security and wider IT Technology areas, including supporting the creation and piloting of a new, integrated Risk framework
- Enhancement of existing Network Access Control toolset to orchestrate data collection, dashboard generation and internal network segregation
- Delivery of Cyber Scenario Wargaming exercises to the business
- Creation and maintenance of the technical security roadmap
- Updating stakeholders on the technical progress of initiative delivery
- Undertaking and documenting options analyses and technical assessments as required
- Delivery of toolset automation for response to Security and Assurance tasks using a SOAR platform
- Planning for and delivery of the adoption of a variety of the M365 E5 security and identity-based capabilities
- Migration of the user estate to Azure-based authentication, including Azure MFA
- Integration of core business applications into single sign on
- Providing support for senior stakeholder engagements
- Providing technical leadership for both internal and external audit activities
- Delivery of several core security assurance processes as required by the organisation
- Maturation of the BAU IT Security function
- Assisting the Technical Product Manager to prioritise the backlog based on technical considerations
- Assisting the Agile Team Lead in ensuring the delivery of team objectives from a technical perspective.
- MSc in Information Security (or equivalent)
- Experience managing a multi-million-pound IT Security technology change and run budgets
- Experience working in IT Security in a Public Sector Land Registration environment
- Experience working in a highly regulated environment in a senior role (Public Sector, Financial Services)
- Creation of Standards and Patterns
- Ability to work with the business to understand the context, and to focus on delivering value
- Excellent collaboration, communication, and teamwork skills
- Experience working in Agile delivery models
Hands on technical understanding of:
- Network Access Control
- Vulnerability Management
- Web Application Firewalls
- Privileged Access Management solutions
- Endpoint Detection and Response solutions
- Certified Ethical Hacker
- Programming experience using C, C++, Python, Java, BASH, Powershell etc.
- Knowledge of secure coding and code audit strategies
- Knowledge of container security
- Experience with cloud technologies
- Awareness of the SABSA Enterprise Security Architecture framework