Security Architect
Permanent - Full TimeJob Overview
As a Security Architect at Actica, you will have the opportunity to provide support to a wide range of high-profile UK public sector and defence organisations. You will help ensure the security of nationally critical projects that make a real difference to people’s everyday lives.
You will provide consultancy to UK public sector and defence organisations to help them protect their systems and data whilst ensuring they meet the needs of their users. You will analyse threats, develop security solutions and ensure that security is embedded in delivery and operation. You will also research and assess new or unfamiliar technologies to identify security benefits and potential weaknesses.
Our position as a client-side advisor means that this role requires significant stakeholder engagement, dealing directly with the client, including in resolving day-day issues involved in assignment delivery and developing follow-on opportunities, so excellent interpersonal and influencing skills are essential. You will produce high-quality formal deliverables, sometimes to challenging timescales.
Key Responsibilities
Working either individually or as part of a larger Actica team, you will undertake consultancy assignments that could include:
- Direct engagement with clients to understand their cyber security threats, risk appetite and constraints.
- Identifying security risks and appropriate countermeasures.
- Working with solution architects and risk advisors to define and document an appropriate security architecture to meet the business need and address the cyber security threats.
- Selecting appropriate security controls and allocating them to solution components.
- Providing assurance to ensure that solutions address the cyber security threats.
- Supporting production of cyber security policy and processes.
- Supporting client procurements, including developing security requirements and evaluating options.
Skills, Knowledge and Expertise
A track record in security architecture for digital projects or programmes is essential, with experience within the Defence and / or UK Public Sector being desirable.
You must hold at least one security architecture relevant qualification (e.g. a relevant degree, CISSP etc.).
The fast-changing nature of the ICT environment together with the need to resource multiple, ad-hoc assignments also requires the individual to be intellectually agile, proactive and self-motivated – with the ability to apply a structured approach to often unfamiliar subject matter.
A broad experience of cyber security is highly desirable, including:
- Threat modelling and risk management.
- Security architecture principles and frameworks (e.g., Zero Trust, SABSA, TOGAF, NIST)
- Public and private clouds.
- Network security, identity, credential and access management (ICAM), encryption, and endpoint security.
- Application security for Software as a Service (SaaS), COTS applications and bespoke software.
- Software Development Lifecycles including SecDevOps and CI/CD pipelines
- Operational Technology.
- Operating at multiple classifications (Official, Secret and Top Secret) and the security of cross domain solutions.
You may not feel that your skills precisely match the requirements of this job specification; however, we encourage you to apply if this is a role that appeals to you. We require individuals with a broad skillset, so there may be other aspects of your experience which are equally important to us, but that are perhaps not listed in the role specification above.
Actica aims to nurture a diverse workforce through inclusive working practices, promoting equality in our recruitment activities, and by employing candidates on the basis of merit. Discrimination against individuals on the grounds of protected characteristics is not permitted and we take steps to ensure that our staff are made aware of their legal responsibilities when making hiring decisions.
We are keen to improve diversity within our organisation and the industries in which we work, and hope to employ individuals who share that view.
While Guildford is our home base, consultants typically spend their time working remotely. For most clients, consultants spend 2-3 days working remotely and 2-3 days co-located with colleagues at a client’s site or our office in Guildford. For some projects, there will a requirement to work up to 5 days a week co-located with colleagues. All work is team based, with a high level of engagement with other Actica and client team members.
Candidates must be eligible and willing to gain UK Security Clearance to apply for this position.