Senior Security Architect - AWS (DV Cleared)

  • Location

    England

  • Sector:

    IT

  • Job type:

    Contract

  • Salary:

    £600.00 - £750.00 per day

  • Contact:

    Experis UK

  • Contact email:

    James.Cook@experis.co.uk

  • Job ref:

    1239_1585818831

  • Published:

    about 2 months ago

  • Duration:

    12 months

  • Expiry date:

    2020-05-02

  • Start date:

    ASAP

Our Central Government client is looking for an experienced Senior Security Architect / Chief Information Security Officer (CISO)

(DV Cleared)

Summary of the work

  • Develop & document security-architecture & data-handling approach.
  • Develop & maintain security policies and procedures.
  • Security representation to senior stakeholders.
  • Identify, document and manage security risks.
  • Security input to project-planning.
  • Conduct internal security-audits and remedial activities.
  • Manage external security-audit (e.g. ITHC) and remedial-activities.
  • Manage implementation of security-tooling.
  • Ongoing skills-transfer to staff.

Who you will work with


You will provide security direction & support to the current team, including a broad mix of engineers, architects & specialist roles covering the full spectrum of big-data, cloud infrastructure and business analysis.

You will engage with other teams, for example:

  • Design Authority for design sign-off.
  • Data Protection team for data governance.
  • Security Architecture team.
  • Stakeholder teams, e.g. data analysts & scientists.
  • 3rd party suppliers and auditors (e.g. IT Health-Check teams).

What you will work on


Data ingestion from existing service, surfacing of data to users of new AWS Data Platform and data transfer to downstream systems which consume this data (e.g. Data Warehouse & RIS).

Key skills and Experience

  • Membership of a relevant professional body (e.g. BCS, CIISec).
  • At least 10 years of broad security experience, with a relevant general security qualification (e.g. CISSP, CRISC, CISM).
  • At least 10 years of experience in interpreting & implementing HMG security policy.
  • At least 10 years of experience developing security architecture, with a relevant senior security architecture qualification (e.g. CCP Senior Security Architect).
  • At least 5 years of experience in risk assessment and risk management, with a relevant risk management qualification (e.g. CCP SIRA).
  • Demonstrate extensive experience in providing board-level representation of security
  • Demonstrate extensive experience in the development and implementation of security strategy, policies and procedures
  • Demonstrate extensive experience in provision of Security Education & Awareness Training (SEAT)
  • Demonstrate extensive experience in security incident response
  • Demonstrate extensive experience of managing security within agile teams within
  • Demonstrate extensive experience in managing the conduct of Security IT Health Checks (ITHC) and remedial activities, ideally having led an ITHC engagement
  • Demonstrate a solid understanding of securely handling sensitive data, including data valuation and interpretation of GDPR, DPA and other relevant legal instruments
  • Demonstrate experience of managing security in the context of open-source code repositories and products
  • Demonstrate extensive knowledge of working with the AWS cloud platform
  • Demonstrate extensive knowledge of AWS Identity and Access Management (IAM)
  • Demonstrate extensive knowledge of AWS security and monitoring tools (e.g. AWS Security Hub, AWS Config, AWS CloudWatch)
  • Demonstrate experience in the practical hands-on implementation and management of security tools
  • Senior membership of a relevant professional body (e.g. FBCS, FCIISec).
  • Demonstrate experience of implementing systems of record
  • Demonstrate knowledge of AWS networking concepts
  • Demonstrate experience of using and securing AWS Key Management Service (KMS)
  • Demonstrate experience of using and securing AWS Cloud Hardware Security Module (CloudHSM)
  • Demonstrate experience of using and securing AWS Certificate Manager Private Certificate Authority (ACM PCA)
  • Demonstrate experience of using and securing AWS Simple Storage Service (S3)
  • Demonstrate experience of using and securing AWS Elastic Compute Cloud (EC2)
  • Demonstrate experience of using open-source security tools (e.g. Snyk)
  • Demonstrate experience of Continuous Integration and Continuous Deployment (CI/CD)
  • Demonstrate experience of using Infrastructure as Code to provision and manage cloud infrastructure using Terraform
  • Demonstrate experience of using Git and GitHub, GitLab or Bitbucket
  • Demonstrate practical experience of configuring physical network and security tools (firewalls, switches, load balancers, etc.)
  • Demonstrate experience of managing service migration from on-premise to cloud-hosted platforms
  • Demonstrate experience working in Data Centres
