Job Description

Location: London or Leeds twice a week Salary: £80,000 to £105,000 + 25 days Holiday + Electric Car Scheme + Training/Certifications + MORE! Due to the security classification of the work, you must be SC Cleared or eligible. The job on offer Working alongside the Project Manager, to translate business objectives into a project scope, and subsequently defining technical requirements. Demonstrable experience in the production of technical design documentation, working within a multi-disciplined, multi-supplier environment, planning, and delivering quality results within agreed timescales. You will deliver security assessments and perform a key role in Security assessments while supporting various critical initiatives through the identification, analysis, evaluation, lifecycle management and adoption of security architectures and technologies As part of the role you will be required to: Work closely and liaise with senior security stakeholders e.g. systems assurance, accreditors, SWG's (Security Working Groups), TDA etc Develop and implement technical designs risk assessments for cloud technologies & applications. Be familiar with security standards, governance & controls - NIST, NCSC, CIS, ISO27K family, CSA CCM, OWASP etc Review technical security & process documentation Good stakeholder management, including working with senior management. Good all-round IT knowledge & experience Cloud security Experience of architecting cloud based systems using industry best practices Have an understanding of cloud applications & API functionality Understand cloud services in particular Azure Develop on-premise to security cloud migration strategy Implementing frameworks for Saas, IaaS and PaaS deployment s aligned to industry best practise e.g. Cloud Security Alliance (CSA), NIST, NCSC Carry out gap analysis / risk assessment of existing on-premise and cloud deployments Develop and as assist in the implementation of DevSecOps processes Relevant InfoSec Qualifications (highly desirable) The role holder is likely to hold one or more of the following security or engineering/architecture specific certifications, CISSP, SABSA TOGAF, GIAC, Azure/AWS/Google Cloud Certifications or those relevant to the role

Quick response

Required Knowledge

• K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
• K0004   Knowledge of cybersecurity and privacy principles.
• K0005   Knowledge of cyber threats an`d vulnerabilities.
• K0047   Knowledge of information technology (IT) architectural concepts and frameworks.
• K0101   Knowledge of the organization’s enterprise information technology (IT) goals and objectives.
• K0194   Knowledge of Cloud-based knowledge management technologies and concepts related to security, governance, procurement, and administration.
• K0059   Knowledge of new and emerging information technology (IT) and cybersecurity technologies.

Required Skills

• S0038   Skill in identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system.

Required Abilities

• A0039  Ability to oversee the development and update of the life cycle cost estimate.
• A0056  Ability to ensure security practices are followed throughout the acquisition process.