enterprise security architect}

POINTS BASED SYSTEM (PBS) VISA CALCULATOR

OCCUPATION TITLE

Cyber Security Specialist

SOC CODE

2139

MINIMUM SALARY

£25,440

MANDATORY RULES

Job offered by a licensed sponsor.

Job at an appropriate skill level (RQF 3 or above).

English language skills at level B1 (intermediate).

TRADEABLE RULES

Salary of at least £25,600 or the going rate of the profession (whichever is higher).

Job in a Shortage Occupation List (SOL) and the salary is over 80% of the going rate for that occupation.

Salary is at least £23,040 or over 80% of the going rate for the profession (whichever is higher).

Listed health or education job.

🚫 You must satisy all mandatory requirements

80/70

Please note that we are using automated algorithms to check visa rules and may sometimes be wrong.
This information does not constitute legal advice and is provided for general information purposes only.

As a business, Hermes is driven by our four values of Do the right thing; Dare to be different, Strive for more and Be Customer Obsessed. We run our business by these values, and they are reflected in all of our roles.

Job purpose:

To work within the Enterprise Architecture team to own and develop the Hermes security strategy, architecture and practices. The Enterprise Security Architect will be required to own the process to ensure new solutions meet security standards and align with the strategy.

About the Role:

The role will require a continuous review of existing solutions and work with the internal and external audit to ensure Hermes, our partners and clients continue to meet high standards of security.

The Enterprise Security Architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.

You will be accountable for:

Setting and owning the strategic direction for IT Security within the Organisation
The IT security roadmap to improve the security landscape
Security architecture artefacts (e.g. models, templates, standards and patterns)
The IT security aspects of application and infrastructure projects across multi-million-pound business transformation activities
Validating security configurations of and access to security infrastructure technology, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems
IT Security assessments of new services and continuous evaluation of the existing estate
IT Security assessments of current and prospective vendors, especially those with which the organisation shares intellectual property (IP), as well as regulated or other protected data, e.g. software as a service (SaaS) providers, cloud hosting providers, managed service providers (MSPs)
Supporting the Internal Audit team to review and evaluate the design and operational effectiveness of IT security-related controls
The data flow of sensitive information in the organisation (e.g., PII) and recommend controls to ensure that this data is adequately secured (e.g., encryption and DLP)
The IT Security aspects of our client audit activities and responding to the IT aspects of client audit requests

Knowledge & Experience:

Five years minimum experience in Cyber Security
Strong working knowledge of security infrastructure — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology
Experience and a strong working knowledge of the methodologies to conduct threat-modelling exercises for applications and services
Experience designing the deployment of applications and infrastructure into public cloud services, e.g. Amazon Web Services (AWS)
Ideally from a PCI DSS or ISO 27001 compliance background

Knowledge of TOGAF or other architectural frameworks

Technical & People Skills:

To be able to interpret business, technology and threat drivers, and develop practical security roadmaps to deal with these drivers
Active Directory best practices
Lead projects for security service and technology deployments and coordinate with teams across the organisation
Ensure the security strategy and artefacts are kept current with emerging threats

Impact & Influence

Work with the rest of the Enterprise Architecture team to maintain target architectures and roadmaps for delivery
Communicating and governing architectural strategy, principals and best practice across a wide variety of technical and non-technical stakeholders at levels of the business
Influence the design and delivery of technical solutions to ensure adherence to architectural principals and standards
Coordinate with DevOps teams to advocate secure cloud practices

« Return to the search results

enterprise security architect

HERMES PARCELNET LTD

POINTS BASED SYSTEM (PBS) VISA CALCULATOR