Security Architect (Application Migration)

Insurance

Fully remote

6 months

£750 per day

In short: A part of our business is separating away from the group and we need a Security Architect to migrate a large number of Applications.

Job Purpose:

The Security Architect is responsible for ensuring robust security solutions protecting our Service's sensitive data and IT infrastructure. This role involves contributing and reviewing designs, conducting risk assessments, developing security policies, and ensuring compliance with industry regulations.

Responsibilities:

  • Information Security - Lead in detecting and analysing security incidents including attacks, breaches, and identified vulnerabilities and remediate any security gaps in line with the security incident management procedure.
  • Information and Business Advice - Provide specialist advice on the interpretation and application of policies and procedures, resolving complex or contentious queries and issues and enabling others to take appropriate actions.
  • Stakeholder Management - Plan and deliver stakeholder engagement activities to develop effective project working relationships and to ensure that stakeholder needs and concerns are identified and met.
  • Enterprise Architecture - Create/manage architecture storyboards/viewpoints that articulate business requirements.
  • Analysis of "As Is" and "To Be" - Document "as is" and "to be" processes and describe the changes required to migrate to the "to be" capability to record accurately the change required.
  • Horizon Scanning - Explore and develop a detailed understanding of external developments or emerging issues and evaluate their potential impact on, or usefulness to, the organisation.
  • Organisational Risk Management - Ensure the organization is not exposed to undue risks by using risk management systems to achieve specific goals within a designated area of the business.
  • Operational Compliance - Monitor and review performance and behaviours within area of responsibility to identify and resolve non-compliance with the organisation's policies and relevant regulatory codes and codes of conduct.
  • Policies and Procedures Development - Draft policies, procedures, and related guidelines within an area of expertise to meet defined key principles and ensure compliance with external requirements.
  • Personal Capability Building - Act as subject matter expert in an area of technology, policy, regulation, or operational management for the team. Maintain external accreditations and in-depth understanding of current and emerging external regulation and industry best practices through continuing professional development, attending conferences, and reading specialist media.

Behaviours:

Manages Complexity - Makes sense of complex, high quantity, and sometimes contradictory information to effectively solve problems. For example, asks questions to encourage others to think differently and enrich their analyses of complex situations. Accurately defines the key elements of complex, ambiguous situations.

Optimises Work Processes - Knows the most effective and efficient processes to get things done, with a focus on continuous improvement. For example, pays close attention to a variety of metrics and benchmarks; determines both major and subtle ways to optimise processes. Swiftly resolves process breakdowns; takes steps to ensure that problems do not recur.

Cultivates Innovation - Creates new and better ways for the organisation to be successful. For example, approaches professional work in unique or innovative ways. Offers original ideas. Appreciates others' creative ideas and solutions and provides helpful input to enhance them.

Business Insight - Applies knowledge of business and the marketplace to advance the organisation's goals. For example, has a sophisticated grasp of business drivers, finds new ways to increase own contribution. Stays attuned to business and industry changes, ensures own activities remain aligned to key objectives.

Ensures Accountability - Holds self and others accountable to meet commitments. For example, measures and tracks team's and own performance, and helps the team learn from success, failure, and feedback. Adheres to, and enforces, goals, policies, and procedures.

Action Oriented - Takes on new opportunities and tough challenges with a sense of urgency, high energy, and enthusiasm. For example, takes timely action on important or difficult issues. Identifies and pursues new opportunities that benefit the organization.

Balances Stakeholders - Anticipates and balances the needs of multiple stakeholders. For example, ensures that own efforts meet the needs and requirements of internal and external stakeholders. Works to identify all relevant issues and satisfy the interests of multiple stakeholders during the decision-making process.

Communicates Effectively - Develops and delivers multi-mode communications that convey a clear understanding of the unique needs of different audiences. For example, listens attentively and takes an interest. Keeps others well informed; conveys information clearly, concisely, and professionally when speaking or writing.

Situational Adaptability - Adapts approach and demeanor in real time to match the shifting demands of different situations. For example, finds out which situations call for flexibility and responds accordingly; seeks and listens to others' input and feedback on how to adapt approach to changing situations.

Skills:

  • IT security - Uses comprehensive knowledge and skills to act independently while guiding and training others on maintaining the security, integrity, compliance and continuity of IT systems and services.
  • Architecture - Uses comprehensive knowledge and skills to act independently while guiding and training others on designing architectures that meet system and service requirements.
  • IT Implementation and integration - Works without supervision and provides technical guidance when required on implementing, configuring and optimising IT systems and services, while ensuring smooth integration with existing IT infrastructure.
  • Business Requirements Analysis - Uses comprehensive knowledge and skills to act independently while guiding and training others on analysing the business requirements that IT solutions must meet.
  • Analyse Current State/AS-IS State - Works with full competence to understand business context, needs, rules, and architecture, as well as organizational structure, cultures, capabilities, and processes to document the current state of processes and the business. Typically works without supervision and may provide technical guidance.
  • Define Future State/TO-BE State - Works with full competence to envision and document the future state of processes and products by identifying the solution scope, potential value of the future state, and the changes to the process, products, organisation infrastructure, capabilities, and technology necessary to achieve the desired future state. Typically works without supervision and may provide technical guidance.
  • Policy and Regulation - Works independently and provides guidance and training to others while interpreting and applying comprehensive knowledge of laws, regulations and policies in area of expertise.
  • Compliance Management - Uses comprehensive knowledge and skills to act independently while guiding and training others on achieving full compliance with applicable rules and regulations in management and/or operations.
  • Risk Management - Identifies, assesses, prioritises and manages risks without supervision and provides technical guidance when required.
  • Stakeholder Expectation Management - Works with full competence to identify potential stakeholders, analyse their expectations, and develop strategies for managing stakeholders and their expectations. Typically works without supervision and may provide technical guidance.

Experience:

  • Experience with security related software and systems such as SIEM
  • Knowledge of Security Architecture Frameworks such as SABSA or equivalent
  • Knowledge of Cyber Security Frameworks such as NIST, ISO 27001 or equivalent
  • Some experience of agile working e.g. SAFe
  • Managerial Experience
  • Experience of general supervision of more junior colleagues

Candidates will ideally show evidence of the above in their CV in order to be considered.

Please be advised that if you haven't heard from us within 48 hours, then unfortunately your application has not been successful on this occasion. We may, however, keep your details on file for any suitable future vacancies and contact you accordingly. Pontoon is an employment consultancy and operates as an equal opportunities employer.

We use generative AI tools to support our candidate screening process. This helps us ensure a fair, consistent, and efficient experience for all applicants. Rest assured, all final decisions are made by our hiring team, and your application will be reviewed with care and attention.

Job Details

Company: Pontoon Solutions

Location: England, United Kingdom