Principal Security Architect

Henry Nicholas are happy to be supporting one of the UK's most recognised holiday and leisure brands in their continued success for 2020. An excellent opportunity has arisen for an experienced Security Architect to join this fantastic organization at principal level, working across a range of security areas including; Cloud Security Solutions, identity management, network protection, security monitoring and network segregation. What we are looking for: You will already have a number of years under your belt at Security Architect level and have experience dealing with Enterprise Infrastructure that is distributed over multiple sites, including the application of Cyber security standards and policies. Essential: - Requires a broad understanding of IT and Enterprise security - Practical experience implementing/assessing systems against NIST Cybersecurity Framework or similar frameworks - Experience of threat modelling applications, services and infrastructure - Experience designing, developing & implementing enterprise security architecture and solutions through to operation - Creation & review of high level & low-level design documentation - Interpreting and applying appropriate Standards, Policies, e.g. ISO27001, PCI DSS, - Knowledge of NIST Cybersecurity Framework or similar and may have an awareness of MITRE ATT&CK framework and potential mitigation options. - Experience of defining the scope for penetration testers and interpreting findings into a pragmatic roadmap of control improvements balanced with the risk - CISSP Certified - Security/Enterprise Architectural Frameworks such as SABSA, TOGAF is highly desirable. - Experience of conducting third party risk assessments. Personal skills The nature and level of this role requires the Principal Security Architect to have excellent planning and prioritization skills, as well as a methodical and meticulous approach to goals. You’ll be very task-driven and will take ownership of the delivery of solutions. You will be dealing with senior stakeholders within the organisation and other internal departments so strong communication and interpersonal skills are a must, as well as being able to persuasively present and justify changes to requirements for secure architecture and security practice. Your day to day: The IT Security teams is a very collaborative group and are huge advocates of knowledge sharing and continuous learning, so being proactive in mentoring and upskilling more junior team members is a huge bonus. - Providing leadership as the security architect (Design Authority) for the system security architecture of systems deployed throughout and across the estate - Strong understanding of security controls to evaluate their effectiveness and the ability to make recommendations to reduce/control any risks identified - You may also play a role in Incident Response Management - Continually review and extend Security on-premise and Cloud(AWS & Azure) design patterns - Responsibility for relevant Security metrics and maturity improvements. Some benefits: - 20% team member discount on holidays for you, your family and friends - Reward and recognition schemes including long service - Externally recognised qualifications that will give you the opportunity to progress and develop - Childcare voucher scheme (subject to eligibility) - Government pension scheme If this role peaks your interest, hit apply