Security Architect and Manager

Job Description

Key responsibilities Management of technical security compliance with company policy, educating stakeholders and working with them to achieve and record technical security compliance Owns the Technical Security Policy (TSP), maintains and reviews that document in keeping with legislative, regulatory and policy requirements, communicates content to stakeholders Provides consultation on the technical security road map for the business, including technical aspects such as anti-malware, Data Loss Prevention (DLP), Security Event and Incident management (SIEM) and Intruder Prevention / Detection Systems (IPS/DPS) Fully collaborates with the Solutions Architect where required to assist in specific project design and implementation activities Ensures that technical security processes and procedures are maintained in keeping with compliance requirements Acts as a technical security Subject Matter Expert (SME) for the business as a whole, Manage technical vulnerability assessments (including regular penetration testing) of IT systems and processes, identifying potential vulnerabilities, making recommendations for risk mitigation and lead the implementation of any subsequent approved changes Keeps abreast of security vulnerabilities and implements a proactive defensive strategy for the company to defend against electronic threats Engage with our Internal auditors to deliver robust improvement strategies, risk management practices and continual improvements relating to all facets of information security Evaluate existing and new products and third-party security cloud-based security capabilities in keeping with internal processes and make recommendations Provide full support for security incidents including the management of forensic investigations, identifying and implementing resolutions in keeping with internal process. To support and contribute to the organisations corporate goals and business objectives. Act as a point of escalation to Service Desk Analysts and support them in identifying, troubleshooting and resolving security issues. Work closely with the IT Security Analyst and the Risk & Compliance team for proactive management and mitigation of risks and issues Embrace change defined by the Hill Dickinson IT Project Roadmap. Support the IT departmental policies for the organisation which includes all service delivery matters, technological matters, hardware and software procurement & IT services sourcing. Work in a collaborative way with all IT teams to support the implementation of the IT vision and strategy. What we are looking for Essential: Broad range of experience in managing and delivering security solutions Experience of Cloud hosting (Azure) / on-prem technologies and in-depth understanding of associated security management controls Demonstrates a wide range of security understanding in technology across differing platforms Excellent senior stakeholders communication Demonstrates in-depth understanding of security principles and methodologies Demonstrates in-depth knowledge of security management frameworks e.g. ISO 27001 Demonstrates good knowledge of the security marketplace, products and capabilities and understands the relationship between a variety of common security solutions Demonstrates in-depth and hands-on knowledge of Active Directory / Azure AD, Windows and VMware operating systems. Experience in delivering security projects against compliance requirements Desirable: Knowledge of risk management concepts and methodologies Knowledge of penetration and threat testing methodologies and approaches, including external test targets e.g. OWASP, NIST Knowledge of security baseline standards e.g. CIS Benchmarks Experience of working in a senior IT Security role Trading as TEKsystems. Allegis Group Limited, Maxis 2, Western Road, Bracknell, RG12 1RT, United Kingdom. No. 2876353. Allegis Group Limited operates as an Employment Business and Employment Agency as set out in the Conduct of Employment Agencies and Employment Businesses Regulations 2003. TEKsystems is a company within the Allegis Group network of companies (collectively referred to as "Allegis Group"). Aerotek, Aston Carter, EASi, Talentis Solutions, TEKsystems, Stamford Consultants and The Stamford Group are Allegis Group brands. If you apply, your personal data will be processed as described in the Allegis Group Online Privacy Notice available at en-gb/privacy-notices. To access our Online Privacy Notice, which explains what information we may collect, use, share, and store about you, and describes your rights and choices about this, please go to en-gb/privacy-notices. We are part of a global network of companies and as a result, the personal data you provide will be shared within Allegis Group and transferred and processed outside the UK, Switzerland and European Economic Area subject to the protections described in the Allegis Group Online Privacy Notice. We store personal data in the UK, EEA, Switzerland and the USA. If you would like to exercise your privacy rights, please visit the "Contacting Us" section of our Online Privacy Notice at en-gb/privacy-notices for details on how to contact us. To protect your privacy and security, we may take steps to verify your identity, such as a password and user ID if there is an account associated with your request, or identifying information such as your address or date of birth, before proceeding with your request. If you are resident in the UK, EEA or Switzerland, we will process any access request you make in accordance with our