Security Governance, Risk and Compliance Solution Architect
We need a solution architect to support the delivery of strategic cyber control solutions within the security governance, risk and compliance (GRC) sub-domain, covering vulnerability and compliance management, security governance and assurance, and risk management. Experience of working with Qualys, ServiceNow SecOps and Cloud Technologies would be an advantage, as well as agile methods and DevSecOps tooling.
Initial work focusing on solution architecture definition, including process, information and component architectures. Responsible for making sure solutions and their non-functional capabilities are defined and delivered (including observability, integration, security, service, domain separation etc). Projects include, but not limited to the following.
1. Vulnerability issue management supporting Spinnaker workflow
2. Workplace (design assurance) replacement
3. Third party risk management Ariba/ServiceNow spoke integration
4. DevSecOps compliance tooling integration
5. Pre-project sizing to support new initiatives
You will have the following responsibilities
* You will lead and/or be accountable for defining security solution architectures as required across the business with a demonstrable level of expertise and capability for solution definition which includes governance, compliance, standards, risk, design patterns, collaboration, metric implementation, and guardrail management
* You will work collaboratively with the Enterprise Architects, bringing solution specific expertise into decision making
* You will support strategic architecture projects with detailed security solution architecture input ensuring that solutions are created securely with consideration to business outcomes and value
* You will always ensure that solutions are created with an absolute focus on overarching usability, and the associated service wrap. All solutions must always make a provable, tangible contribution to the value of a dependent service and integrate and complement one another, where appropriate
* You will create solution patterns and briefing documents that are reusable, repeatable, and transferable
* You will work collaboratively with both business and technical teams to help deliver security solutions including overseeing implementations of designs
* You will develop and own roadmaps for security technologies and processes that align to relevant strategies, policies, standards and practices
* You will support enterprise architects during vendor selection to help choose vendors that meet business requirement and drive the best value for money
* You will contribute to research including proof of concept and proof of value initiatives
* You will need to understand the implications of transformation by working with business technology stakeholders
You will have the following
Experience
* Evidence of delivery in solution architecture in large scale complex environments
* Familiarity of the processes and artefacts associated with EA frameworks such as TOGAF
* A background that includes cyber security, ideally with operational/delivery /forensics/etc.
* Experience of contributing to or producing business cases, gaining approval from stakeholders and ensuring delivery of business benefits
* Have experience in being a subject matter expert in a technology field
skills
* Be self-motivated, organised, proactive and flexible in your approach to work
* Be comfortable both challenging and working to strict deadlines
* Ability to visualise, articulate and solve complex problems and concepts
* Excellent communication and presentations skills with the ability to adapt to the target audience
* The ability to interpret stakeholders needs, business and technical issues
* Have an enquiring mind, thirst for knowledge and a willingness to learn
Qualifications
* Possess a recognised formal security qualification in security such as CISSP, CISM, or have equivalent experience such as 5+ years in a security role
LA International is a HMG approved ICT Recruitment and Project Solutions Consultancy, operating globally from the largest single site in the UK as an IT Consultancy or as an Employment Business & Agency depending upon the precise nature of the work, for security cleared jobs or non-clearance vacancies, LA International welcome applications from all sections of the community and from people with diverse experience and backgrounds.
Award Winning LA International, winner of the Recruiter Awards for Excellence, Best IT Recruitment Company, Best Public Sector Recruitment Company and overall Gold Award winner, has now secured the most prestigious business award that any business can receive, The Queens Award for Enterprise: International Trade, for the second consecutive period.
