What you'll be doing:

Using your background in Security Architecture, you will help our clients:

Security Architecture:

• Translate business, data protection and security requirements into practical and well-structured architectural designs, utilizing industry best practices and security frameworks (e.g., NIST, ISO 27001, CIS).  
• Develop and maintain secure architectural patterns and standards, with a solid working knowledge of cloud security (AWS, Azure, GCP).  
• Apply risk-based and threat-based approaches to evaluate and recommend appropriate and proportionate security technologies and solutions (e.g., SIEM, IAM, CASB, container security).  
• Outline key security components, interfaces, and dependencies. Develop architectural diagrams and overviews. Document security design principles and provide rationale.  
• Ensure designs align with business objectives, security policies, and industry best practices, with a focus on cloud-native security considerations.  

Risk and Threat Management:

• Conduct comprehensive risk assessments and threat modelling, providing detailed analysis and actionable recommendations.  
• Advises clients on risk mitigation strategies and security best practices, and support the implementation of those strategies, contributing to measurable improvements.  
• Support security incident response and investigations, contributing to thorough post-incident reviews and identifying areas for improvement.  

Stakeholder Engagement and Technical Leadership:

• Provide expert guidance to clients on secure architecture and risk management, participating in technical discussions with stakeholders.  
• Engage with stakeholders to contribute to informed security decisions and communicate complex security concepts effectively.  
• Deliver clear presentations and reports to technical and non-technical audiences and provide technical guidance to project teams.  
• Collaborate with developers, IT operations, and other security team members to ensure effective security integration throughout the SDLC.  

Security Policy and Standards Implementation:

• Advise on the development and implementation of security policies, standards, and procedures, and support their enforcement, including cloud-specific policies.  
• Conduct security compliance assessments and audits, and assist in addressing any gaps, providing recommendations for remediation.  
• Support alignment with relevant security frameworks and regulations, identifying potential compliance issues and contributing to mitigation strategies.  

Technology Evaluation, Deployment, and Management:

• Conducts security architecture reviews and perform security assessments, including vulnerability scanning, configuration reviews, and cloud security posture assessments, identifying vulnerabilities and recommending detailed remediation strategies.  
• Contribute to the development of security architecture roadmaps and strategic plans, and support their implementation, with a focus on continuous improvement.  
• Evaluate and recommend appropriate security technologies and solutions and support the deployment and integration of those technologies.  
• Provide guidance on the implementation of security controls and best practices and support the maintenance and optimization of those controls.  
• Stay updated with emerging threats and technologies, and research and recommend new security solutions.  

Presales and Bid Support:

• Contribute to the development of proposals and statements of work, including defining the scope, approach, and deliverables.
• Estimate effort, costs, and timelines for security solutions, considering various factors and constraints.
• Present security solutions and architectures to potential clients, effectively communicating their value and benefits.
• Support the bid management process by providing technical input, risk assessments, and compliance considerations.