Skills and Responsiblitiles:
- 5 to 10 years of experience producing security architecture within an enterprise environment with a focus on information security and cybersecurity.
- Working knowledge of security architecture frameworks, such as TOGAF, SABSA and OSA frameworks.
- Experience with developing security architectural principles, patterns and best practices for enterprise solutions.
- Practical experience with defining security architecture to meet hybrid solutions residing within enterprise managed datacenters, private clouds, SaaS, IaaS, and PaaS environments.
- Several years of experience with identifying security risk and mapping risk to industry standard frameworks within an enterprise environment.
- Demonstrated experience in recommending end to end security controls to mitigate potential areas of security risk.
- Proven track record to collaborate with enterprise architects and solution designers to ensure appropriate security architecture is incorporated into all solutions and architecture.
- Experience in developing security architecture that addresses zero trust, authentication, strong authorization, key management, cryptography, API management, CI/CD pipelines, container & cloud security, microservice security, etc.
- Extensive experience with using enterprise architecture tools such as ArchiMate, Lucidchart, etc.
- Ability to identify when and where to implement security architecture solutions with consideration to the wider impacts (i.e. risk, cost, customer impact, timescales, etc.)
- Ability to steer security solutions based on the overall architecture without dictating the detailed design delivery.
- Experience of working in a technology-based role and interfacing to a varied number of internal and external stakeholders.
- Relevant industry certifications in security architecture (Certified Information System Security Professional, Certified Information Security Auditor, Sherwood Applied Business Security Architecture, GIAC Defensible Security Architecture, Information Systems Security Architecture Professional, TOGAF Enterprise Architecture Practitioner, TOGAF Enterprise Architecture Foundation, EcFirst Certified Cyber Security Architect, AWS Certified Solutions Architect Associate, AWS Certified Solutions Architect Professional, MS Certified Architect, Certified Cloud Security Professional, CREST Registered Technical Security Architect, EC-Council Certified Network Defense Architect).
- Security knowledge of GDPR and privacy obligations, and experience within Telco specific regulatory and legislative environments.