Information Security Architect, Flexible, UK

Business Unit: Technology

Location: Chester - Head Office

Contract Type: Permanent/Full Time

Closing Date: 28 February 2019

Information Security Architect, Flexible, UK

The Information Security Team…

Are accountable for GBG’s Cyber Security, Information Security, Security Compliance, and Information Risk mitigation.


The Role…

Reporting to the Head of Technical Security, the Security Solutions Architect will be responsible for ensuring delivery of security technologies, infrastructure, networks and systems across the GBG estate, such as; cloud, identity management, DLP, SIEM, MFA. You will be responsible for designing, building, testing and implementing security solutions across the above areas, in conjunction with IT and operational teams as well as providing advice and guidance to the business regarding security best practices.


What you’ll do…

• Responsible for engaging with internal customers and stakeholders to ensure requirements are understood and appropriate IT Security controls are in place to meet the requirements
• Architect IT security solutions and technically lead their implementation within GBG
• You will be instrumental in providing assurance through the Design, Build and Testing of all GBG products working closely with Cyber Security Operations and Information Assurance Teams to ensure all risks are identified and mitigated prior to the solution going live
• Define standards and templates for the production of high and low level designs, network diagrams, run books and operational processes
• Gain and maintain a working knowledge of the GBG portfolio of products and services
• Create security standards/principals for GBG architectural, design and Information Security teams to follow and adhere to
• This will also include cultivating a culture of security awareness by mentoring business and technical teams as an SME and ensuring security policies, cloud security standards are adhered to at all times.
• Identify security design gaps in existing and proposed architectures and recommend changes or enhancements.
• Ensures compliance to legal and regulatory requirements such as the Payment Card Industry Data Security Standard (PCI-DSS), ISO27001, SWIFT, GDPR and other relevant requirements across GBG
• Position GBG to meet existing and future security technology demands and provide continuous improvement services to business units and Information Security alike
• Act as a subject matter expert on all areas of technical assurance and Design


To help you be successful, we’re looking for…

• You’ll be someone who loves to make things happen, who can communicate complex technical issues in a clear manner, be someone passionate about identifying and delivering simple solutions to complex problems
• Someone who is willing to engage with the business, knowing when to work collaboratively and when independence is required
• Relevant security product knowledge including SIEM, EndPoint Protection, DLP, MFA, etc
• Comprehensive knowledge of networks and infrastructure
• Ability to assess rapidly changing security technologies and apply them to business IT solutions
• Ability to remain unbiased to specific technologies or vendors, providing an objective and fact-based viewpoint
• Excellent interpersonal skills coupled with the ability to communicate effectively both verbally and in writing with all levels within the organisation
• A high degree of integrity and confidentiality is required
• Minimum of 7 years’ experience working in infrastructure or IT Security/Cyber security role
• A proven track record, in designing and implementing security features for a global organisation
• Demonstrated AWS, Azure or other Public/Hybrid/Private cloud experience
• Experienced with Security architecture Design standards, Cloud, Network Topology and frameworks, (OWASP, SABSA, TOGAFv9, CCM)
• Fully conversant with ISO27001, ISO3000, Information security standard, PCI DSS ; knowledge of other security standards and frameworks advantageous
• Be an excellent communicator and collaborator across multiple technical and business stakeholders and leaders
• Demonstrates understanding and use of basic project management methodologies, including the ability to plan, manage and maintain a complex, organisation wide program over the longer term
• Flexibility is key to this role; able to move strategy forward in a rapidly changing environment
• Experience in developing, documenting and maintaining security policies, processes, procedures and standards
• Certification from CISSP or other certifications at the discretion of the hiring manager such as CESG Certified Professional – IA Architect, AWS

• Hold at least one of the following: CISM, CISSP, CISA, MCSE, MCSA
• IT related degree or equivalent experience

Apply now