Enterprise Security Architect

Enterprise Security Architect

Role Purpose

Reporting to the Head of Information Security, the Enterprise Security Architect will play an integral role in defining and assessing security strategy, architecture and practices. This role has responsibility for developing practical and versatile security requirements, security architecture blueprints and processes, and ensuring that new and existing services are securely implemented through the selection and use of appropriate controls and supporting processes. This is a new role on the Information Security team and the successful candidate will have the opportunity to lead and shape security standards and practices.

Responsibilities

The principal responsibilities associated with the role include, but are not limited to:

  • Developing security strategy plans and roadmaps based on sound enterprise architecture practices for our cloud and on-premise environments
  • Developing and maintaining security architecture and design standards, policies and processes, models and templates to support the overall Security Strategy and associated frameworks
  • Developing and maintaining a security architecture process that enables the organization to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers
  • Collaborating with enterprise architecture, infrastructure, application, security and operational teams to advise and recommend on security technologies, and identifying and driving resolution on security aspects of projects and issues
  • Supporting the development of the Information Security Governance, Risk and Compliance function through the development of architecture driven GRC controls
  • Providing expertise, direction and oversight to operations teams when defining security controls to meet existing and future needs and in response to the changing threat landscape
  • Conducting information security architecture reviews and threat assessments against new and existing applications and services, for both on premise and cloud applications, addressing current and emerging information security and compliance requirements of the organisation
  • Developing and coordinating the implementation of information security architecture and security controls to address the current and emerging information security and compliance requirements of the organisation
  • Connecting with third party vendors to ensure the appropriate tools, configurations and workflows are in place
  • Coordinating the application security testing program from risk identification through to remediation
  • Identifying cybersecurity trends with regards to adversary tactics/methodologies, and techniques that could impact the organisation and ensuring that these are adequately addressed in security strategy plans and architecture artefacts
  • Proactively investigate and research new threats to the organisation and propose solutions/actions to mitigate

Knowledge & Experience 

The successful candidate will ideally have 10 years’ experience in Information Security with at least 3 years in Security Architecture. You will have a significant knowledge of major cybersecurity architecture concepts, technologies, and standard methods, and willingness to dive into new areas. Deep expertise with several of the following cybersecurity areas are key; network security, application security, API security, container security, cloud infrastructure configuration, identity and access control, modern authentication and authorization protocols, endpoint security, mobile security, Microsoft workplace and Office365 Security and Zero Trust principles. A relevant professional certification such as CISSP, ISSAP, CCSP, SANS GIAC or similar is beneficial and a relevant third level qualification is advantageous. A background working in Financial Services and familiarity in the implementation of security standards in regulated environments will also be considered an advantage.

You will have a strong understanding and application of Cloud Security, Architecture, Secure SDLC, Governance and Compliance controls and processes and experience in using architecture methodologies such as SABSA, Zachman and TOGAF. You will have an excellent understanding of frameworks and standards such as NIST, CIS, PCI-DSS, ISO27001:2013, PSD2 as well as good knowledge of the Mitre [email protected] framework and protection strategies, advising on implementation of detection and prevention controls where possible. A proven knowledge of systems implementation and management, including configuration of access controls, security settings, patching and change management is beneficial. You have strong problem solving and analytical skills with the ability to effectively influence and communicate.

Critical Competencies 

The following competencies are essential to the delivery of results and/or to superior performance in this role:

  • Attention to detail
  • Problem Solving and Analysis
  • Decision making/judgement
  • Influencing and gaining commitment
  • Technical/professional knowledge

This is an amazing opportunity working alongside a great leadership team and being a pivotal part in driving the Cyber practice forward, if this is a role you are interested in, please do not hesitate to get in touch with me for a confidential discussion. Jon Browne 01 485 49 67

 Sponsorship is not available for this role, only applicants with full working rights in Ireland will be accepted.

 

 

 

Jonathon   Browne does  Cyber Security & Risk Dublin

Cyber Security & Risk Dublin

[email protected]
+353 87 434 8309