Security Architect

Apply Now
Company
ARM
Job location
Cambridge, UK
Salary
Undisclosed
Posted
Hosted by
Adzuna
rezi_2024_august_sidebar

Job details

Job Overview: The role will spend time helping teams come up to speed with refreshed approaches to security requirement identification, threat modelling, coding standards, and security testing, with a focus on applying these concepts to traditional and modern infrastructure in green-field and existing deployments. It will involve taking learnings from these activities to inform and construct the 'middleware' that makes the right security choices easier to make and implement for responsible teams. As our GRC world evolves, this role will play a pivotal role in maintaining alignment between SDL and policies, standards and guidelines, using a common security framework to apply consistency. Finally, the role will add to our general security consulting and review capacity, including assisting GRC teams where required. Responsibilities: Maintain and develop standards and guidance that contributes to SDL maturity in the IT team. Help traditional infrastructure teams develop strategies for meeting the spirit of SDL requirements, pushing towards use of automation, infrastructure-as-code, & DevOps methods rather than manual or golden image techniques. Evolve risk identification and security requirement identification processes and supporting documentation. Develop implementation-specific architecture templates that meet security requirements expressed in policy and standards. Assist with security reviews of and technical input into high-level and low-level designs where required. Assist with GRC consultation queries where required. Invest in others, including application development and infrastructure teams, to support business applications and processes in new ways. Afford mentorship regarding solutions and concepts. Foster a culture of innovation within the architecture and broader IT team. Required Skills and Experience: Bachelor's degree in computer science, information technology, or a related field; or equivalent experience/professional/industry certifications. Exposure to large enterprise platforms such as SAP and Salesforce. Demonstrated experience implementing SDL in non-software contexts, including infrastructure. Experience with Infrastructure-as-Code (IaC) and automation through DevOps, and tools such as Jenkins, Terraform and Ansible. Prior experience working with recognised security frameworks from ISO, NIST, etc, and with neutral/harmonisation frameworks like UCF (Unified Compliance Framework). Experience designing security controls (covering both technology and processes) to meet security framework requirements, policy-mandated controls, and/or controls called for by output of threat modelling. Solid technical understanding of both on-premise infrastructure (network, platform, network-based storage, OS, virtualisation), cloud infrastructure (AWS, GCP, Azure, and others), and technologies found in both (e.g. docker, Kubernetes). Strong motivation and drive, with the ability to operate across multiple projects simultaneously, including those that span geographies. A passion for optimisation and a desire to motivate change “Nice To Have” Skills and Experience: Understanding of identity & access management for both people & systems. Understanding of software engineering Knowledge of Arm based compute & software. Relevant vendor certifications.
Apply Now
Other Jobs
Loading...
Get the freshest news and resources for developers, designers and digital creators in your inbox each week
Loading form
Start Free Trial
Connect
RSSFacebookInstagramTwitter (X)
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
© 2000 - 2024 SitePoint Pty. Ltd.