Security Operations/SOC Architect

Location
London
Salary
Negotiable
Posted
29 Jan 2018
Closes
26 Feb 2018
Ref
HQ00085923
Contact
Mary Worthington
Clearance Level
None / Undisclosed
Job Type
Contract

Security Operations/ SOC Architect

My client, a leading financial services provider in the City are actively looking for a SOC Architect to join their CISO function, on an initial 6 month basis. They are in the midst of a number of huge transformation programs at the moment, this role being focused predominantly around their Security Operations migration programme. They have recently appointed a new vendor to support them with their SOC. Working in a team of 8, you will take the lead around integrating the new supplier with the current global estate, as well as the strategic aims for the business.

The role

  • Architecture ownership of assigned Security Domains including the creation and ownership of domain assets such as Visions, Principles, Solutions Architectures, and Roadmaps for each
  • Shaping and optimising the Security Portfolio with the Security Change function, using Roadmaps as key inputs
  • Liaising with Project Managers and Solutions Designers to set projects up for success at the start to ensure strategic value is delivered and tactical effort and spend is minimised.
  • Performing strategic design reviews at key points of the project lifecycle to identify any risks or capability gaps that need addressing.
  • Facilitating workshops with Technical and Business stakeholders to provide direction or drive issue resolution - providing analysis, distilling down to key decisions, and capturing next steps or plan for issue resolution
  • Providing ad-hoc reports, viewpoints and white papers to respond to management questions, project issues etc.

Experience

  • Have demonstrable, well-grounded experience in an information security field.
  • Have demonstrable experience of working on a Security operations migration programme.
  • Proven experience using Information Security Frameworks (e.g. ISF, NIST, ISO) and use of Architecture development methods (e.g. TOGAF)
  • Previous experience of seeing Security Architecture direction and decision making through to Design, Implementation and Run/Operations.
  • Domain expertise in three or more areas:
    • Network Security (e.g. WAFs, Firewalls, Proxy, IDS/IPS, CASB)
    • Windows enterprise security
    • Information Protection including classification, tagging, and Data Loss Protection
    • Identity & Access Management (incl. RBAC, recertification, federation, and MFA)
    • Malware detection
    • Endpoint security capability (e.g. posture check & isolation, device lockdown, etc.)
    • Vulnerability management, risk management and threat intelligence
    • Application & Database Security (incl. SDLC, code scanning solutions, DB firewall & monitoring)
    • Security monitoring, correlation and operations
  • Educated to Degree level (or equivalent) preferably in Technology or Information Security
  • Certified Information Systems Security Professional (CISSP), or similar

Similar jobs

Similar jobs