Security architect

Security Architect
You'll provide technical expertise on matters pertaining to information security, as well as being an active member of the security architecture team helping to build strong relationships across the business, to enable a good understanding of changes in the pipeline and be in a position to influence ideas, initiatives and designs early on.
Being responsible to enable the delivery of secure products to customers through proactive engagement with the development and DevOps teams, as well as ensuring projects and business initiatives are delivered securely with residual risks articulated clearly for the business to make a decision on.

• Requires in-depth technical knowledge and experience; has developed specialised skills or is multi-skilled
• Applies best practices and knowledge of internal/external business challenges to improve products, processes or services
• Has developed depth and breadth of expertise in information security and architecture and moderately deep knowledge of other technical teams remits
• Solves, and leads others to solve unique and complex technical problems with a positive impact on the business
• Anticipates customer needs; assesses requirements and identifies new solutions
• Develops and ensures successful implementation of policies, processes and standards aimed at continuous improvement
• Provides full information, analysis and authoritative recommendation which is likely to be accepted by the decision makers
• Makes decisions guided by both internal policies and external industry guidelines in non-standard situations
• Develops business or technical rationale that impacts resource allocation, programme, or project support and direction
• Is accountable for technical contribution to project team
• Builds awareness of costs related to own work

Key Skills and Experience
This role would suit someone with an application security / development background with experience in Security Architecture, to include:

• Good knowledge of using a backlog management solution, e.g. JIRA
• In particular, we would like to target people with experience with OAuth 2.0, OpenID Connect, XACML and/or SCIM.
• Ability to demonstrate advanced understanding in the field of Information Security in terms of both concepts and technology
• Experience working with Cloud solutions, including securing Azure/AWS platforms
• Knowledge and experience of working with OWASP
• Experience of security governance and compliance (e.g. GDPR, PCI-DSS, ISO27001)
• An excellent level of attention to detail and a strong sense of ownership
• Ability to articulate complex technical or sensitive issues to a wide audience is essential
• Ability to work both individually with minimal supervision in addition to working as a part of larger teams on projects of varying complexity