Business Manager Data Protection - AI Governance - Cyber Security at Hays Technology
Job Description:
We are seeking talented and experienced Security Architect Consultants.
The ideal candidates will have a strong consulting background and at least 3 years of experience in the field of information security.
This role involves designing, building, and maintaining secure systems and applications, as well as providing expert advice on security best practices to various customers and stakeholders.
Responsibilities include:
1. Architecture – Security Consulting
* Translate business and security requirements into practical, well-structured designs using industry best practices and security frameworks (e.g., NIST, ISO 27001, CIS).
* Develop and maintain secure architectural patterns and standards, with expertise in cloud security (AWS, Azure, GCP).
* Apply risk-based and threat-based approaches to recommend appropriate security technologies and solutions (e.g., SIEM, IAM, CASB, container security).
* Outline key security components, interfaces, and dependencies. Create architectural diagrams and overviews. Document security design principles and provide rationale.
* Ensure designs align with business objectives, security policies, and industry best practices, focusing on cloud-native security considerations.
2. Risk and Threat Management
* Conduct comprehensive risk assessments and threat modelling, providing detailed analysis and actionable recommendations.
* Advise clients on risk mitigation strategies and security best practices, supporting their implementation for measurable improvements.
* Assist in security incident response and investigations, contributing to thorough post-incident reviews and identifying areas for improvement.
3. Stakeholder Engagement and Technical Leadership
* Provide expert guidance to clients on secure architecture and risk management, participating in technical discussions with stakeholders.
* Engage with stakeholders to contribute to informed security decisions and communicate complex security concepts effectively.
* Deliver clear presentations and reports to technical and non-technical audiences, providing technical guidance to project teams.
* Collaborate with developers, IT operations, and other security team members to ensure effective security integration throughout the SDLC.
4. Security Policy and Standards Implementation
* Advise on the development and implementation of security policies, standards, and procedures, including cloud-specific policies.
* Conduct security compliance assessments and audits, assisting in addressing gaps and providing recommendations for remediation.
* Support alignment with relevant security frameworks and regulations, identifying potential compliance issues and contributing to mitigation strategies.
5. Technology Evaluation, Deployment, and Management
* Conduct security architecture reviews and perform security assessments, including vulnerability scanning, configuration reviews, and cloud security posture assessments.
* Contribute to the development of security architecture roadmaps and strategic plans, supporting their implementation with a focus on continuous improvement.
* Evaluate and recommend appropriate security technologies and solutions, supporting their deployment and integration.
* Provide guidance on the implementation of security controls and best practices, supporting their maintenance and optimization.
* Stay updated with emerging threats and technologies, researching and recommending new security solutions.
Skills Required:
* 3+ years' experience in information security, data protection, and security architecture, with a focus on cloud security and compliance.
* Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53 / CSF, NIS/NIS2, DORA, UK CNI / OT / IIoT compliance.
* Experience building credibility with external stakeholders through technical presentations, audits, or compliance reporting, including enterprise clients, critical system vendors, certification auditors, and regulatory bodies.
* Proven technical leadership ability to guide and mentor teams, influence, and collaborate with senior stakeholders.
* Hands-on approach, capable of balancing strategic oversight with direct security tasks.
* Excellent communication skills for presenting complex information clearly to non-technical audiences.
* Ability to explain complex topics to diverse audiences.
* Strong attention to detail and commitment to high-quality work.
* Participation in pre-sales activities and ongoing support of delivery collateral.
* Legal eligibility to work in the UK and obtain UK SC clearance.
* Certifications: CISA, CRISC, CISM, or CISSP required.
Additional Details:
* Seniority level: Mid-Senior level
* Employment type: Full-time
* Job function: Consulting, IT, Strategy/Planning
* Industries: Business Consulting and Services, IT Services and Consulting, Technology, Information, Media