Opportunity for a Security Architect to work for a leading engineering company in Portsmouth on an initial contract basis.
The role will:
- Deliver to the overall security programme development, facilitating decision, planning and implementation of security controls.
- Meet specific Security business objectives whilst maintaining compliance with the principles of professional standards and regulatory obligations.
- Takes responsibility for review of management processes (and decisions) to ensure compliance with the security strategy and standards.
- Is familiar with the Security Policy Framework and Cyber Essentials Scheme and ISO27001 and the principles embedded within them. Ensures that effective application of security controls are in place through audit and risk management.
- Familiarity with MOD process an advantage.
- Engages stakeholder to ensure they understand recommendations to inform decisions. Ensures appropriate representation at project meetings.
- Accountable for the design, specification and creation of new Digital Services solutions that satisfy campaign requirements within both customer and business constraints, including as Design Authority.
- Contribute to the enhancement of Digital Services architecture to satisfy known and future customer requirements.
- Consult with customers, partners, suppliers and key stakeholders to align business objectives with security capabilities.
- Work with partners within BAE Systems to develop better overall Digital Services solutions and share technology, experience and methodologies.
- Responsible to the Product Architecture Manager to ensure Digital Services products and services have the right fit with wider enterprise aspects.
- Explains the purpose of and provides advice and guidance on the application and operation of elementary physical, procedural and technical security controls.
- Performs security risk, vulnerability assessments, and business impact analysis for medium complexity information systems.
- Investigates suspected attacks and manages security incidents. Uses forensics where appropriate.
- Interprets information assurance and security policies and applies these in order to manage risks.
- Provides advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards and guidelines.
- Uses testing to support information assurance.
- Contributes to the development of policies, standards and guidelines.
- Expert knowledge and experience in the Functional, Physical and Performance requirements of a modern IT Infrastructure.
- Knowledge and experience of Agile implementations.
- Able to demonstrate knowledge and technical management of design, development and implementation of architecture and IT solutions, and data management.
- Responsible for product certification and acceptance expectations against BAE Systems BMS and/or UK MoD and acting as Design Authority.
- Proven experience in satisfying the objectives of the Product Safety and Environmental policy.
- Able to professionally articulate and represent technical matters up to Tier 2 within Maritime Services and beyond as we work with Maritime businesses and external partners.
- Responsible for the development and maintainenance of technical roadmaps for security aspects of our products and services within the Digital Services portfolio.
- Has the ability to retain a focus on technical compliance, as well as supporting cost and schedule constraints.
- Knowledge & Experience in the use of Enterprise Architecture methodologies to develop IT solutions.
- Contribute to a Maritime Services Digital Services architecture methodology, modelling, and governance framework.
- Knowledge of the UK Defence and Maritime / Naval domain is an advantage.
- Understanding of formal gated design reviews and experience of applying it to IT-based change projects.
- Ability to develop robust business cases which demonstrate realisable business benefits.
- Responsible for interpretation of the business requirements roadmap alongside the product owners and the development of a supporting technical roadmap as far as security is concerned.
PLEASE NOTE: This role has been assessed as INSIDE IR35
AAP3 is acting as an Employment Business in relation to this vacancy.