The Opportunity
This role primarily responsible for designing, implementing, and maintaining secure information systems within the Firm. The successful candidate will play a crucial role in identifying potential security vulnerabilities, and ensuring compliance with client requirements, industry standards and regulations.
The Security Architect will work closely with cross-functional teams, including project management, Enterprise Architecture, Information Security, Security Operations and technical IT teams, to assess risks, propose appropriate security measures, and implement effective security solutions to ensure compliance with security standards and best practices.
The successful candidate should possess a strong technical security background including Azure and Microsoft 365 security tooling, a deep understanding of security frameworks and best practices, and the ability to translate business requirements into robust security architectures.
Key responsibilities
Security Architecture Design and Implementation - ARCH (Level 5), SCIY (Level 6), SCAD (Level 6)
* Design, evaluate, and recommend security solutions, including infrastructure, network, and application security controls.
* Ensure Security strategies, policies, standards and practices are applied correctly.
* Collaborate with project managers and technical teams to assess security risks associated with internal projects and propose appropriate risk mitigation strategies.
* Collaborate with stakeholders to understand business requirements and translate them into effective security designs.
* Evaluate emerging technologies and trends to proactively enhance the Firm's security posture.
* Contribute to the implementation of the Firm's enterprise security strategy
Security Governance and Compliance - SCIY (Level 6), INAS (Level 4), SCAD (Level 6)
* Define and enforce security policies, standards, and procedures to ensure compliance with Client, regulatory requirements and industry best practices.
* Develop and maintain security control frameworks and ensure their consistent application across the Firm.
* Contribute to security reviews and audits to assess compliance with internal policies and external regulations.
* Provide guidance and support for security incident response and coordinate investigations as needed.
* Stay up to date with evolving security threats and vulnerabilities and recommend appropriate measures to mitigate risks.
Collaboration and Communication
* Collaborate with cross-functional teams, including IT Platforms, Products and services and Risk and Compliance, to ensure security requirements are integrated into the development lifecycle.
* Work closely with project managers, Enterprise Architecture and Security and Privacy to ensure security considerations are addressed throughout the project lifecycle.
* Communicate complex security concepts and requirements to both technical and non-technical stakeholders.
* Provide guidance and mentorship to junior members of the security team.
* Stay abreast of industry best practices and emerging technologies through continuous learning and professional development
This is a full-time, 12 month Fixed Term Contract role based in our Glasgow office with hybrid working.
More information can be found in the job description attached to the role on our careers site
About you
The successful candidate will have:
* Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent work experience).
* Professional certifications such as CISA, CISM, SABSA, TOGAF or similar credentials are preferred.
* Strong knowledge of information security principles, best practices, frameworks and standards (e.g., ISO 27001, NIST, Well Architected Framework, CAF, CIS, CE+).
* Strong knowledge and expertise of cloud security concepts and experience with cloud platforms and tooling (e.g. Azure, M365, SASE).
* Proficiency in security technologies and capabilities such as SIEM, DLP, IAM, EDR, WAF and SASE
What makes Ashurst a great place to work?
We offer you all the things you should expect from an international law firm, some of which include:
* competitive remuneration with the flexibility to reward high performance;
* flexible working;
* corporate health plans;
* a global professional development offering for all employees; and
* an industry-leading programme that celebrates diversity and inclusion.
We are committed to delivering positive impacts to our communities through our Social Impact programme.
We aim to recruit, retain and promote the best people from the widest possible talent pools. We are committed to offering a safe and welcoming environment for all employees to ensure they are supported to work at their best.
Beyond this, what sets Ashurst apart from others is our global strength, our drive to innovate and collaborate, and our commitment to excellence. It is these values that make Ashurst a unique place to work.
#J-18808-Ljbffr