IT Security Architect

Summary: The IT Security Architect role involves developing and implementing a robust security architecture for an organization in the marketing and analytics sector. This position requires active participation in designing, documenting, and executing security strategies to ensure compliance with industry standards and mitigate risks. The role is critical and highly visible, focusing on enhancing the organization's overall security posture. The contract is for an initial duration of 6 months, with a hybrid working arrangement.

Key Responsibilities:

• Update documentation on current security posture.
• Conduct risk assessments and gap analyses against industry standards (ISO 27001, NIST).
• Identify vulnerabilities and ensure compliance with client contracts.
• Refine high-level and detailed security architectures.
• Design network segmentation, encryption, access controls, and Firewall configurations.
• Develop secure architecture strategies across Azure environments and support divestment planning.
• Develop and refine security policies, SOPs, and access control policies (IAM, RBAC, MFA).
• Create a roadmap for security deployment.
• Confirm tool selections, define change management procedures.
• Establish Azure-native endpoint security and encryption strategies.
• Review and enhance monitoring frameworks (eg, Azure Security Center, SIEM).
• Define incident response protocols, implement logging and auditing procedures.
• Ensure adherence to GDPR, HIPAA, PCI-DSS, and other regulations.
• Prepare audit documentation and compliance mapping.
• Develop and execute penetration testing plans.
• Conduct vulnerability assessments and oversee remediation efforts.
• Create security awareness materials.
• Conduct training sessions and produce documentation for internal teams.
• Maintain a detailed security project plan and track progress.
• Report on implementation status and risk mitigation using project management methodologies (Agile, PRINCE2, PMP).
• Maintain project charters, WBS, RAID logs, communication plans, and stakeholder updates.

Key Skills:

• Experience with Microsoft Azure security solutions.
• Knowledge of industry security standards (ISO 27001, NIST).
• Strong understanding of risk assessment and management.
• Proficiency in security architecture design and implementation.
• Experience with compliance regulations (GDPR, HIPAA, PCI-DSS).
• Ability to conduct penetration testing and vulnerability assessments.
• Strong project management skills (Agile, PRINCE2, PMP).
• Excellent documentation and communication skills.
• Experience with security monitoring tools (Azure Security Center, SIEM).
• Knowledge of IAM, RBAC, and MFA implementations.

Salary (Rate): undetermined

City: London

Country: UK

Working Arrangements: hybrid

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT