Security Architect

Job Title: Security Architect
Contract Type: Contract
Location: Scotland
Salary: £700 - £800 per day + Outside IR35
Start Date: 06/09/2021
Reference: BBBH27706_1627658819
Contact Name: Zoe Latuszka
Contact Email:
Job Published: July 30, 2021 16:27

Job Description

Security Architect
Initially 6 Months. Up to 23 Months.
Outside IR35
Remote for the foreseeable. When offices open, specialist may have to attend Glasgow office as required. A large proportion of the week will be remote.
What will you work on:

  • Design security-controls in cloud-based web-applications and cloud-infrastructure to support business objective
  • Work with stakeholders in an agile environment to refine security-control implementation
  • Educate and upskill colleagues in best practice
  • Assist in defining and executing security best practices in engineering and software design
  • Contributes to security architecture policy, standards and design
  • Advises stakeholders and suppliers on compliance with IT security policy and controls
  • Contributes to IT service level definitions
  • Contributes to Cyber Assurance maturity assessments, or other audit/compliance activities
  • Supports development of business cases for investment to improve IT security controls
  • Ensure compliance with Codes of Connection/Memorandums of Understanding

Essential Skills

  • Experience of working with agile engineering teams and designing security controls for cloud-based web applications - ideally with Java and AWS
  • Experience of working with demanding security standards - ideally to standards that comply with Home Office NPRIMT controls
  • Experience of creating security-controls, with working-knowledge, to advise on cloud implementations (Azure, AWS, GCP etc…)
  • Some understanding of application architectures, patterns and the ability to interpret technical designs
  • Strong knowledge of government and industry data/cyber security legislation, policy, patterns, standards (including but not limited to ISO27001, CSA STAR and NIS Directive) and guidance.
  • Experience of reviewing system architectures to: identify single points of vulnerability and common architectural flaws
  • Experience of identifying security issues relating to configuration of components in an architecture*
  • *validate and explain how common attack methods are mitigated by the design
  • *and identify areas where detailed technical analysis will be required to understand important nuances that could have significant security implications.
  • Strong knowledge of Government and industry risk management techniques
  • Demonstrable experience in interpreting and applying this knowledge in an agile way, working with development teams to deliver digital Cloud services.