Willis Towers Watson
,
Reigate, Surrey
Cloud Security Architect- FTC
Overview
Job Description
**Summary of Role** 12 month fixed term contract, with possibility to extend further or become permanent. The Cloud Security Architect is accountable for supporting Enterprise Architecture activities through creating public and hybrid cloud security design deliverables that guide existing and developing business solutions that will secure enterprise applications and information. This role will cover security controls across the various cloud services including Software, Platform and Infrastructure. **The Role** + Develop and maintain High- and Low-Level design documents including Reference Architectures, Security Configuration Standards and Solution Diagrams. + Ensure designs align with Company Information Security requirements, Policies, and Standards. + Analyse business processes, environments and applications in order to identify areas of security risk and develop secure controls and solutions to address them. + Develop technology visions and strategies that support and enhance business strategy + Understand security and technology trends and the practical application of existing, new, and emerging technologies to enable new and evolving business and operating models. + Perform vendor evaluations and participate in proof-of-concept validations to further ensure designs and recommendations will achieve required objectives. + Work with implementation and operational teams to ensure thorough understanding of the security controls to be implemented. + Consult with application and infrastructure development projects to build security into broader enterprise applications and processes. + Understand secure solutions and technology with enough depth to identify specific secure settings to achieve compliance with designs and standards. + Develop, communicate, and deploy Enterprise Architecture processes, reference architectures, technical standards/strategies and blueprints and patterns. + Establish strong working relationships with other enterprise Architects and business Information Security teams. + Maintain in-depth knowledge of the organisation's technologies and architectures. **The Requirements** + Sufficient experience of working in an Azure operational or architectural role with experience in security configurations. + Experience in assessing, implementing and documenting MS Azure security components including managing identity and access, infrastructure security controls, monitoring for security events, and encrypting and securing data. + Experience with securing PaaS services + Experience with container technologies such as AKS + Understanding of related security items such as DLP, vulnerability management, security frameworks and application security. + Broad knowledge of Information Security, IT and industry best practices such as from CIS and CSA + Understanding of agile methods and processes, and capability of supporting agile project teams + Excellent understanding of best practice infrastructure and network architectures + Awareness of data residency issues and effects on secure solutions such as GDPR + Excellent team player and able to work independently + CISSP or other related cloud security certification (desirable) **Equal Opportunity Employer**