Security Architect

Posted 21 May 2024
Salary Competitive
Job type Contract
Discipline Cyber Security
Contact Name Jamie Stewart
Remote working Hybrid/Flexible

Job description

Job Title: Security Architect (SAP)
Location: Hybrid (2 days in the office) – Swindon and London
Contract Type: Initial 6-month
Rate: Inside IR35
We are seeking a strong Cybersecurity Architect with a robust understanding of Identity and Access Management (IAM) and Privileged Access Management (PAM), experienced in threat modeling, and implementing/enforcing security controls and guardrails. While in-depth SAP knowledge is a plus, the primary requirement is to have a solid grasp of the architecture and vulnerabilities associated with migrating legacy systems to SAP.
Key Responsibilities:
  • Produce detailed threat models after reviewing technical design documents.
  • Review solution architecture and high-level designs and provide security input.
  • Advise and consult with development teams on security matters.
  • Ensure compliance with internal standards and use of approved patterns.
  • Conduct fit/gap analysis to identify security gaps and recommend improvements.
  • Understand critical access restrictions and audit compliance requirements for reports.
Key Skills/Knowledge/Experience:
  • Relevant professional qualifications such as Security+, Network+, CISM, CISSP, or working towards certification.
  • Strong grasp of IAM and PAM concepts.
  • Extensive experience in threat modeling and implementing/enforcing security controls and guardrails.
  • Experience working with developers, understanding their challenges, and providing support.
  • Ability to assess and constructively challenge the security elements of technical designs/solutions.
  • Experience in advising on secure systems design.
  • Knowledge of SAP basics, especially from the standpoint of migrating legacy systems to SAP.
  • Understanding of SAP security concepts and best practices is a plus.
  • Good knowledge of cryptography.
  • Familiarity with common CI/CD topics.
  • Developed understanding of risk and control methodologies and practical risk assessment experience.
Person Specification:
  • Previous experience in the UK Financial Services or similar highly regulated industry.
  • Knowledge/experience of PCI-DSS and data privacy regulations like GDPR.
  • Understanding of best practices for large financial organizations.
  • CISM, CISSP certification preferred.
