We are currently recruiting a Security Architect on behalf of one of our well-renowned and established clients based in Cambridgeshire. You will be reporting directly into the Head of Security Operations. The Security Operations team provides a suite of operationally focused services to business enterprises, allowing them to remain vigilant to the state of security and compliance within their environments.
Your responsibilities will include but are not limited to:
· Developing the systems and processes and daily activities that allow the Security Operations teams to quickly detect, respond, and resolve computer security incidents.
· Overseeing the planning, management, and execution of internal and external customer implementations and 24×7 management of firewalls, IPS/IDS, and proxy services within the business's Datacentre and Remote Sites.
· Managing and leading 24×7 Security Operations Centre activities working to continually improve the level of automation and technical skills.
· Managing systems and processes to detect anomalies and events in a timely manner and ensuring the potential impact of events is understood by stakeholders.
· Monitoring information systems and assets at discrete intervals to identify cyber security threats and events and verify the effectiveness of protective measures.
· Performing vulnerability scans and overseeing physical and logical penetration tests.
· Maintains and tests detection processes and procedures to ensure timely and adequate awareness of anomalous events.
· Defines detection roles and responsibilities to ensure accountability and compliance with internal and external requirements.
· Conducts analysis to ensure adequate response and support recovery activities.
· Investigates notifications from detection systems and assesses impact of incident.
· Coordinates forensics services through third party agreement. Categorises incidents consistent with response plans.
· Performs mitigation activities to prevent expansion of an event, mitigate its effects, and eradicate the incident. Contains and mitigates incidents.
· Improves organisational activities and readiness by incorporating lessons learned from current and previous detection/response activities.
· Applies lessons learned to update response strategies.
· Executes recovery plan during or after an event.
Knowledge & Experience required:
· Technical leadership skills, with extensive multi-vendor Security Management experience.
· Excellent communication skills, strong problem-solving abilities, and direct experience managing a large Security organization.
· Experience with SIEM, IDS/IPS, Firewall, Web Application Firewalls, Data Loss Prevention (DLP) and Security Event Correlation.
· The ability to take the lead on incident research for major security incidents when appropriate.
· Self-motivated and able to work in an independent manner.
· Experience with technical writing.
· Possess an understanding of security standards and risk management.
· Possess technical acumen and the ability to understand and interpret technical specifications.
· Possess the ability to adjust and adapt to changing priorities in a dynamic environment.
· Be able to multi-task and be pro-active in addressing issues and requests.
This is an exciting opportunity to work for a globally known organisation who are well established in their field. If you have the skills and experience required for the position and are looking for your next career move, then apply now and one of our team will be in contact if your application is being considered.