Senior Cyber Security Architect

Job Title: Senior Cyber Security Architect

Location: Manchester UK

Rate: £32.90ph via an Umbrella Company (Inside IR35) or £25.00ph PAYE

Employment Type: Contract

Hours: Standard 40 Hours Per Week

THE OPPORTUNITY:
We are looking for someone who will help our client realise our business vision for a resilient platform that will provide our customers, suppliers and partners with seamless connected services delivered through an industry-leading global platform that will generate new income streams for our business and help drive down costs through the use of data analytics.

Our Security Architects work closely with Stakeholders to define and evolve system security architectures that are secure by design. You will be a valued member of our Offboard Cyber Security Chapter, reporting to Offboard Security Architecture Chapter Lead, contributing to the strategic direction of the technology and solutions delivered.

As a Senior Security Architect, you will work in conjunction with solution architects, product owners, technical leads and embedded security champions to identify the security risks associated with our products using application security threat modelling. You will collaborate with Stakeholders to identify secure architectures, best practices and requirements that enable us to deploy secure systems at scale. You will support our engineering teams through their security assurance journeys working to identify security assurance testing regimes that are aligned with our products.

What to expect in the role:
This role sits within the Offboard Cyber Security Chapter in Manchester, reporting to the Security Engineering Chapter Lead, and would suit those who are technically minded, be that from a cyber security background or those with a software engineering background. This is a senior role in our team but there is still plenty of scope to develop your skills. The role would suite someone with a strong technical background in software development wanting to focus on delivering secure systems at scale.

You will have a drive to grow security culture providing tooling, guidance, and support to a large number of agile development squads working on many projects. We have a strong DevSecOps culture with security being a key principle of everything we deliver, our Security Architects work extremely closely with our product development teams to develop this culture and the processes to support it. We are SME’s and consultants to the rest of our organisation, and act as an escalation point helping teams learn, grow, and overcome any security related challenges.

We work with new and exciting technologies to provide global services for the connected car of the future. We work collaboratively and value each other’s opinions, as part of the team here you will have the opportunity to impact and influence a technology platform used by hundreds of thousands of our customers daily, solving difficult engineering challenges on a global scale. We are reimagining how we deliver secure global solutions in a highly agile environment. We have a strong focus on DevSecOps and empowering engineering teams to deliver and deploy large, secure systems at pace.

Some of our Security Architect’s responsibilities include:

• Providing consultation to product teams in security architecture and design and conduct security reviews of new and existing products and services.
• Developing and owning architectural solutions that deliver this highest standard of security.
• Collaborating closely with Solution Architecture Team to ensure our systems are secure by design.
• Working with engineering teams to create threat models.
• Continual collaboration with Stakeholders with a view to being a key part of the product delivery team's success.
• Maintaining strong knowledge of current security threats, mitigations, and operational security best practices.
• Developing and maintaining Security Patterns and Reference Architectures.
• Supporting the analysis of business requirements and their interpretation into security deliverables.?

What you will need:

• You will be working closely with our engineering teams to help them uncover threats in their solutions, so a strong technical background is required.
• Knowledge of cyber security best practices and a good understanding of security threats and controls is also a must.
• This role is highly collaborative so would suite someone with a desire to work collaboratively across the wider engineering team.
• We are looking for a self-starter, keen to work in a highly collaborative manner supporting our engineers and product teams as we deliver a connected data platform for the luxury vehicles of the future.

Background:

• A background in software engineering or cyber security, with knowledge of DevSecOps.
• Familiarity of application security and threat modelling.
• Experience implementing SDLC process, technology, and automation in a DevOps environment and ideally making use of OWASP best practice.
• Experience within agile delivery frameworks.
• Experience with large-scale web applications and backend services, including API design, access management, authorization, authentication, data protection and encryption.
• Familiarity with common application and infrastructure security vulnerabilities and mitigations.?
• Solid technical foundation with a business-savvy mindset and an ability to translate technical vulnerabilities into business risks for senior leadership.

Additional Information:

Hybrid working: Yes

This role is INSIDE IR35