en

Services

The UK's leading employers trust us to deliver fast, efficient talent solutions that are tailored to their exact requirements. Browse our range of bespoke services and resources.

Read more
Jobs

Let our industry specialists listen to your aspirations and present your story to the most esteemed organisations in the UK, as we collaborate to write the next chapter of your successful career.

See all jobs
Candidates

Together, we’ll map out career-defining, life-changing pathways to achieve your career ambitions. Browse our range of services, advice, and resources.

Learn more
Services

The UK's leading employers trust us to deliver fast, efficient talent solutions that are tailored to their exact requirements. Browse our range of bespoke services and resources.

Read more
About Robert Walters UK

Since our establishment in 1985, our belief remains the same: Building strong relationships with people is vital in a successful partnership.

Learn more

Work for us

Our people are the difference. Hear stories from our people to learn more about a career at Robert Walters UK

Learn more

Lead Security Architect (DevSecOps) - 90% remote

Save job

My client, an International Insurance firm, based in London, are looking for a Lead Security Architect with relevant DevSecOps experience. For this role you need to be in their offices only a few times per month. This role pays up to £110K plus a £6K car allowance plus a 25% bonus.

About the Lead Security Architect (DevSecOps) role:

This role will also contribute to embedding a secure by default and zero trust approach, developing architectures that will expedite my client's adoption of new technologies and meet the evolving threat landscape. They will also deputise for the Chief Security Architect when appropriate. Improving their DevSecOps approach and developing their SDLC capabilities is considered a critical capability to support my client in realising the ambitions of the new Technology Strategy.

  1. Accountabilities and Activities

Lead Security Architect (DevSecOps)

Global Security Patterns for use of SDLC and CI/CD (GSPs)

Delivery of POCs/POVs

SDLC Engineering Templates

Technical Reference Models

Security Capability Requirements (SCRs)

Technical Security Configurations (TSCs)

Strategy and Leadership on secure pipeline adoption and the embedding of security into the application lifecycle.

Support to projects leading on SDLC DevSecOps adoption across MUs

Coordination of effort across MUs

Lead on adoption of SDLC/DevSecOps tooling and architectures.

  1. Qualifications, Training and Experience

Communicating risk to senior stake holders and leading collaboration across multiple areas.

Has experience of developing and designing novel security controls in a cloud environment.

Familiar with secure development life cycle and DevSecOps operational models and strategies.

Has experience of delivering cloud architectures to:

  • Identify single points of vulnerability and common architectural flaws
  • Identify security issues relating to configuration of components in a deployment architecture
  • Validate and explain how common and complex, chained attack methods are mitigated by the design
  • Identify areas where detailed technical analysis will be required to understand important nuances that could have significant security implications
  • Articulate security issues, propose and prioritise appropriate mitigation options, taking into consideration other potential technology and business constraints (functional impact, cost etc.)
  • Contributes to the design of deployment architectures and operational models that solve common business problems, including specifying required security controls
  • Understands the context and has required domain knowledge to tailor advice to the specific need of the customer
  • Development of patterns and principles to communicate security concepts to a wide audience

Desirable Skills – Expert

In addition to the minimum skills, desirable skills are demonstrated by experience of the following:

  • Designs and reviews cloud architectures, secure pipeline-based deployment and embedding security into development lifecycles for a broad range of complex or uncommon requirements to identify security weaknesses and recommend mitigations
  • Designs (or significantly influences) the technical design of a system to enforce security properties that have been derived from first principles to meet a complex or uncommon set of requirements in the context of secure development and deployment pipelines as part of a secure SDLC
  • Follows a methodical and repeatable approach to reviewing the security of a system architecture, and can describe that approach
  • Advises on security architecture implications of technological trends when applied to existing systems, such as migration to the cloud. Can explain how those technologies change the security approach required
  • Contributes to new and innovative security architecture guidance for others to re-use
  • May have one or more technology specialisms where they are regarded as an expert in how their specialism supports security architecture design (g. secure application deployment, application security, networking, applications, microservice architectures/zero trust, identity).

If the above role is of interest please apply to this ad or call me on 0207 509 8040 to find out more.

Robert Walters Operations Limited is an employment business and employment agency and welcomes applications from all candidates

Contract Type: FULL_TIME

Specialism: Information Technology

Focus: Information Security

Industry: Banking

Salary: £90,000 - £110,000 per annum + + £6K car allowance + 25% bonus

Workplace Type: Hybrid

Experience Level: Senior Management

Location: London

Job Reference: BGQEO4-19E753ED

Date posted: 14 November 2024

Consultant: Darius Goodarzi

I'm Robert Walters Are you?

Come join our global team of creative thinkers, problem solvers and game changers. We offer accelerated career progression, a dynamic culture and expert training.