Security Architect
- Jaguar Land Rover
- City, Manchester
- 23/09/2022
Full time
Information Technology
Telecommunications
Job Description
Job description:
THE OPPORTUNITY
We are looking for someone who will work closely with stakeholders to define and evolve a system security architecture that is secure by design. You will be a valued member of our Digital Delivery Centre team, contributing to the strategic direction of the technology and solutions delivered.
The Security Architect will work in conjunction with solution architects, product owners, technical leads and security champions to identify the security risks associated with our products using application security threat modelling. Once risks have been identified, the Security Architect will work with those stakeholders to identify secure architectures and requirements that meet the needs of the business. The Security Architect will identify security assurance testing regimes that are aligned with the products and support the teams through their ongoing security assurance journeys.
WHAT TO EXPECT
This role sits within the digital delivery centre in Manchester.
The role is responsible for:
Providing consultation to product teams in security architecture and design, and conduct security reviews of new and existing products and services
Ensuring that solutions are secure by design and are aligned with corporate security policy
Conducting and reviewing threat models to identify security risk
Continual collaboration with stakeholders with a view to being a key part of the product delivery teams' success
Maintaining strong knowledge of current security threats, mitigations and operational security best practices
Providing security training, outreach, and guidance to our internal development teams
Supporting the analysis of business requirements and their interpretation into security deliverables
WHAT YOU'LL NEED
In this position, you'll need a strong knowledge of DevOps and DevSecOps in addition to a comprehensive knowledge of application security threat modelling and security risk management. You have fundamental experience of security architecture within agile delivery frameworks and implementing SDLC process, technology, and automation in a DevOps environment.
Knowledge, Skills and Experience:
Qualifications in Security Management such as CISSP / CSSLP or other Security qualifications.
At least one full project cycle in the role of Security Architect accountable for the end-to-end security architecture of a complex integrated system,
Solid experience of the security solution architecture discipline, ideally as part of a recognised agile secure SDLC
Strong knowledge of application security threat modelling
Strong knowledge of OWASP secure SDLC practices
Extensive knowledge to be able to challenge existing thinking in a positive way whilst building credibility and trust through experience and personal style
A good communicator who can communicate complex ideas to tech and non tech people
An effective team player, actively leads, develops and supports team members
An individual who is resilient, energetic and enthusiastic, able to deliver results, whilst responding constructively to challenging new ideas and inputs
Desirable Technical Skills and Knowledge
Background and previous experience of cloud-based technologies such as AWS and GCP
Message-driven architectures
Real-time data and stream processing
Micro services-based architectures
Relational, non-relational databases (NoSQL), time-series databases, data lakes and analytics
Profile description:
.
THE OPPORTUNITY
We are looking for someone who will work closely with stakeholders to define and evolve a system security architecture that is secure by design. You will be a valued member of our Digital Delivery Centre team, contributing to the strategic direction of the technology and solutions delivered.
The Security Architect will work in conjunction with solution architects, product owners, technical leads and security champions to identify the security risks associated with our products using application security threat modelling. Once risks have been identified, the Security Architect will work with those stakeholders to identify secure architectures and requirements that meet the needs of the business. The Security Architect will identify security assurance testing regimes that are aligned with the products and support the teams through their ongoing security assurance journeys.
WHAT TO EXPECT
This role sits within the digital delivery centre in Manchester.
The role is responsible for:
Providing consultation to product teams in security architecture and design, and conduct security reviews of new and existing products and services
Ensuring that solutions are secure by design and are aligned with corporate security policy
Conducting and reviewing threat models to identify security risk
Continual collaboration with stakeholders with a view to being a key part of the product delivery teams' success
Maintaining strong knowledge of current security threats, mitigations and operational security best practices
Providing security training, outreach, and guidance to our internal development teams
Supporting the analysis of business requirements and their interpretation into security deliverables
WHAT YOU'LL NEED
In this position, you'll need a strong knowledge of DevOps and DevSecOps in addition to a comprehensive knowledge of application security threat modelling and security risk management. You have fundamental experience of security architecture within agile delivery frameworks and implementing SDLC process, technology, and automation in a DevOps environment.
Knowledge, Skills and Experience:
Qualifications in Security Management such as CISSP / CSSLP or other Security qualifications.
At least one full project cycle in the role of Security Architect accountable for the end-to-end security architecture of a complex integrated system,
Solid experience of the security solution architecture discipline, ideally as part of a recognised agile secure SDLC
Strong knowledge of application security threat modelling
Strong knowledge of OWASP secure SDLC practices
Extensive knowledge to be able to challenge existing thinking in a positive way whilst building credibility and trust through experience and personal style
A good communicator who can communicate complex ideas to tech and non tech people
An effective team player, actively leads, develops and supports team members
An individual who is resilient, energetic and enthusiastic, able to deliver results, whilst responding constructively to challenging new ideas and inputs
Desirable Technical Skills and Knowledge
Background and previous experience of cloud-based technologies such as AWS and GCP
Message-driven architectures
Real-time data and stream processing
Micro services-based architectures
Relational, non-relational databases (NoSQL), time-series databases, data lakes and analytics
Profile description:
.
About Jaguar Land Rover