Security Operations/SOC Architect
My client, a leading financial services provider in the City, is actively looking for a SOC Architect to join their CISO function on an initial 6-month basis. They are in the midst of a number of large transformation programmes at the moment, and this role is focused predominantly on their Security Operations migration programme. They have recently appointed a new vendor to support them with their SOC. Working in a team of 8, you will take the lead on integrating the new supplier with the current global estate, in line with the strategic aims of the business.
- Architecture ownership of assigned Security Domains including the creation and ownership of domain assets such as Visions, Principles, Solutions Architectures, and Roadmaps for each
- Shaping and optimising the Security Portfolio with the Security Change function, using Roadmaps as key inputs
- Liaising with Project Managers and Solutions Designers to set projects up for success at the start, ensuring strategic value is delivered and tactical effort and spend are minimised.
- Performing strategic design reviews at key points of the project lifecycle to identify any risks or capability gaps that need addressing.
- Facilitating workshops with Technical and Business stakeholders to provide direction or drive issue resolution - providing analysis, distilling down to key decisions, and capturing next steps or plan for issue resolution
- Providing ad-hoc reports, viewpoints and white papers in response to management questions, project issues, etc.
- Have demonstrable, well-grounded experience in an information security field.
- Have demonstrable experience of working on a Security operations migration programme.
- Proven experience using Information Security Frameworks (e.g. ISF, NIST, ISO) and use of Architecture development methods (e.g. TOGAF)
- Previous experience of seeing Security Architecture direction and decision making through to Design, Implementation and Run/Operations.
- Domain expertise in three or more of the following areas:
  - Network Security (e.g. WAFs, Firewalls, Proxy, IDS/IPS, CASB)
  - Windows enterprise security
  - Information Protection including classification, tagging, and Data Loss Protection
  - Identity & Access Management (incl. RBAC, recertification, federation, and MFA)
  - Malware detection
  - Endpoint security capability (e.g. posture check & isolation, device lockdown, etc.)
  - Vulnerability management, risk management and threat intelligence
  - Application & Database Security (incl. SDLC, code scanning solutions, DB firewall & monitoring)
  - Security monitoring, correlation and operations
- Educated to degree level (or equivalent), preferably in Technology or Information Security
- Certified Information Systems Security Professional (CISSP), or similar