Security Solution Architect
Posted 1 day ago by ST Global Tech LLC
Negotiable
Inside
Hybrid
Manchester Area, United Kingdom
Summary: The Security Solution Architect role involves working within a Security Consultancy and Design team to deliver cyber security solutions across various computing platforms. The position requires applying Agile methodologies, conducting threat modeling, and designing secure solutions while ensuring adherence to security standards. The role is hybrid, requiring 40% of the time in the office, and is classified as inside IR35.
Key Responsibilities:
- Applying Agile methodologies to support engineers and deliver on multiple challenging product initiatives simultaneously, driving engineering excellence.
- Threat model by deconstructing technical solutions, identifying threats and vulnerabilities and assessing risks.
- Use experience to analyse the risks and benefits of design options to support making safe architectural decisions.
- Design secure solutions documenting the key security controls and adhering to security standards.
- Define security testing requirements and assess findings.
- Effectively communicate technical concepts to both technical and nontechnical audiences, providing security direction, governance, assurance and guidance.
Key Skills:
- Dynamic solution-oriented individual bringing energy to a rapidly evolving environment with an ability to work well under pressure.
- Broad knowledge of modern Enterprise technologies including Cloud and AI.
- Exposure to contemporary architectures eg. RESTful APIs and containerised microservices.
- Up-to date on emerging threats and experienced with threat modelling frameworks eg. STRIDE / MITRE ATT&CK.
- Significant knowledge of cyber security domains and how they apply to Enterprise business environments eg. endpoint, network, cryptography and IAM.
- Aware of industry related security standards such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASP.
- Certifications in security management eg. CISSP / CISM / CCSP or equivalent.
- Certifications in technical security domains eg. CEH / OSCP or equivalent.
Salary (Rate): 350 GBP/Day
City: Manchester
Country: United Kingdom
Working Arrangements: hybrid
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: IT
Security Solution Architect
Location(s): Manchester, Leeds, Bristol, Halifax, Edinburgh.
Working Pattern: Hybrid, 40% (or two days) in an office site.
Long-term contract
Rate: 350 GBP/Day
Inside IR35
Our Security Consultancy and Design team are continuing their search for Cyber Security Consultants who have a broad knowledge of Cyber Security domains and controls working across a wide range of computing platforms.
What you'll do:
- Applying Agile methodologies to support engineers and deliver on multiple challenging product initiatives simultaneously, driving engineering excellence.
- Threat model by deconstructing technical solutions, identifying threats and vulnerabilities and assessing risks.
- Use experience to analyse the risks and benefits of design options to support making safe architectural decisions.
- Design secure solutions documenting the key security controls and adhering to security standards.
- Define security testing requirements and assess findings.
- Effectively communicate technical concepts to both technical and nontechnical audiences, providing security direction, governance, assurance and guidance.
What we're looking for:
- Dynamic solution-oriented individual bringing energy to a rapidly evolving environment with an ability to work well under pressure.
- Broad knowledge of modern Enterprise technologies including Cloud and AI
- Exposure to contemporary architectures eg. RESTful APIs and containerised microservices.
- Up-to date on emerging threats and experienced with threat modelling frameworks eg. STRIDE / MITRE ATT&CK.
- Significant knowledge of cyber security domains and how they apply to Enterprise business environments eg. endpoint, network, cryptography and IAM.
The nice to haves:
- Awareness of industry related security standards such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASP.
- Certifications in security management eg. CISSP / CISM / CCSP or equivalent.
- Certifications in technical security domains eg. CEH / OSCP or equivalent.