Overview: We are an experienced Security Architect to join our clients Cyber Programme on a contract basis. These roles will support security architecture across IT and OT environments, ensuring security designs align with enterprise security standards and frameworks. The IT-focused role will concentrate on corporate IT security, while the OT-focused role will require experience in industrial control systems (ICS) and SCADA security.
These roles have been introduced to alleviate pressure on the Lead Security Architect and provide security architecture expertise across various projects.
Key Responsibilities:
* Develop and maintain security architecture designs for all ongoing IT and OT projects.
* Ensure security designs conform to enterprise security architecture, information security standards, and best practices.
* Collaborate with Project Managers, Solution Designers, and technical teams to integrate security into solution designs.
* Conduct security reviews and assurance activities to validate security compliance across IT and OT systems.
* Provide security guidance and direction to stakeholders, ensuring alignment with security frameworks and risk management practices.
* Participate in cyber analysis activities, assessing outputs to help shape security direction and strategy.
* Implement security tools and technologies, supporting their integration into existing security architecture.
* Engage with key stakeholders, including operational technology teams, business units, and third-party vendors, to enhance security postures.
* Conduct technical documentation reviews, ensuring security considerations are well-defined and implemented.
Skills & Experience:
* Enterprise Security Architecture Expertise: Experience in security design and assurance, particularly within large-scale IT and OT environments.
* Security Frameworks: Strong understanding of security frameworks such as NIST, ISO 27001, IEC 62443 (for OT), TOGAF, or SABSA.
* IT & OT Security:
* IT Role: Expertise in securing enterprise IT environments, cloud security, and network security.
* OT Role: Experience working with industrial control systems (ICS), SCADA security, and operational technology security.
* Stakeholder Engagement: Ability to communicate effectively with technical and non-technical stakeholders, providing security direction and guidance.
* Technical Documentation: Strong documentation skills for security designs, policies, and procedures.
* Cybersecurity Tooling: Familiarity with security tools and technologies, including SIEM, firewalls, endpoint protection, and industrial cybersecurity solutions.
* Regulatory & Compliance Awareness: Understanding of industry regulations and compliance requirements relevant to IT and OT security.
Preferred Experience:
* Experience in the utilities sector or similar critical infrastructure environments.
* Strong understanding of how enterprise security architecture fits into broader business and IT strategies.
* Hands-on experience conducting security assessments and risk analysis within IT and OT environments.