Primary role purpose:
The security architect plays an integral role in defining and assessing the organisation's security strategy, architecture and practices. The security architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.
The role of the information security architect demands business insight; technical acuity; and the ability to think, communicate and write at various levels of abstraction.
- Determine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, identity and access management (IAM) and cyber products and services
- Review security technologies, tools and services, and make recommendations to the broader security and product development teams for their use, based on security, financial, operational and commercial metrics
- Liaise with other security architects and security practitioners to share best practices and insights
- Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology, threat and customer drivers
- Develop security strategy plans and roadmaps based on sound enterprise architecture practices
- Develop and maintain security architecture artifacts (e.g., models, templates, standards, patterns & procedures) that can be used to leverage security capabilities in projects and operations
- Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts
- Participate in application and infrastructure projects, and commercial product/service development activities to provide security design and consultancy advice
- Draft security procedures and standards to be reviewed and approved
Eames Consulting is acting as an Employment Agency in relation to this vacancy.