Cyber Security Architect
The Role and Responsibilities
Your key responsibilities will encompass the following:
- Consulting with clients to identify the security resilience requirements needed to safeguard their organisations mission and business activities.
- The application of architectural and cyber resilience principles to develop appropriate models, standards, policies and solutions that support the client in their security resilience.
- Identify effective human, procedural and technical controls to reduce the effectiveness of a cyber-attack and minimise the organisation’s cyber risks.
- Work with engineering teams to embed security design principles and activities in the engineering development lifecycle.
- Evaluate security architectures and designs to understand the effectiveness of these designs from a security perspective. Provide advice and support in remedying any gaps.
- Provide Cyber Security advice and guidance for clients in ‘business as usual’, technical refresh and new project environments.
- Identify critical business functions and the cyber effects that may be created to adversely impact them. Create client centric solutions to address these cyber risks.
- Be able to apply technical knowledge, with creative and innovative thinking in a broad range of complex and non-routine contexts.
- Build successful working relationships with team members, key customers and stakeholders that improves the value of the security services being performed.
The Requirements Essential:
- Experience of delivering technical Cyber Security consultancy in multi-disciplined environments.
- Awareness of the various business drivers different organisations may have.
- An awareness of the Ability to work alongside enterprise architecture and the systems engineers.
- Experience of conducting cyber risk assessments/management and the deployment of appropriate controls.
- An excellent communicator, verbal (active listener) and written (able to write concisely).
- Ability to articulate and pitch Cyber Security advice both at a technical and non-technical level, directly to key customer stakeholders.
- Ability to work on multiple projects and tasks concurrently, successfully balancing business and client priorities.
- Ability to provide high-quality work under pressure that delivers security outcomes to tight deadlines and manage client stakeholder expectations.
- Ability to work both effectively individually and within a team in a multi-discipline environment and in a matrix organisation.
- A wide awareness of Cyber Security across Government and Industry to include; HMG Information Assurance Policies, Standards and Guidelines, including the Security Policy Framework, the CESG IA Portfolio and JSP440 (plus other standard MOD Information Assurance methods).
- An interest in maintaining and enhancing technical and consultancy skills.
- Ambition to work in a challenging and rewarding role that provides real benefit to clients.
- Experience of applying SABSA or equivalent security architecture approaches.
- Experience of using cyber kill chain analysis to identify practical interventions to reduce the effectiveness of an attack, stop or it’s propagation throughout the system/s in question.
- CESG Certified Professional (Security and Information Risk Advisor or Security Architect).
- Understanding of the different approaches and technologies used in identifying and addressing cyber threats on the network.
- Awareness of how the cyber analyst integrates with network operations including using and applying Security incident and event management.
- Awareness of data analytics and how they can be used in cyber security.
- Certified Information Systems Security Professional (CISSP) or equivalent.
- Associate/Full Membership of recognised security professional body such as the Institute of Engineering Technology (IET), Institute of Information Security Professionals (IISP) or the British Computer Society (BSC).
- A keen interest in the latest technology with a focus on security technologies.
- Experience within programme and project environments.