Security Architect

MSP – London

My client is a Microsoft partner that helps their clients improve the way they work through digital transformation, the aiming to put them control of their IT, and help them drive business forward using Technology.

Role Summary

Manage the security needs of clients including maintenance of ISO27001 certification.  Heavily focused on Microsoft Security products, the role includes monitoring and management of pre and post breach incidents and overall service improvement and growth planning for the security dept.

 Objectives of the Role

Provide a secure managed environment for customers
Provide pre-sales expertise around Security solutions.
Conduct client security assessments and workshops.
Develop High and Low Level Design documentation as follow up to the assessments
Hands-on participation in building secure client environments based on Microsoft 365 solutions including the Azure product suite.

Duties and Responsibilities

Work closely with enterprise architects, other functional-area architects, engineering, and security specialists to ensure adequate security solutions and controls are in place throughout all IT systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements;

Assess and understand the current security posture and future architecture, providing recommendations for improvement and risk reduction

Develop the business, information, and technical artefacts that constitute the enterprise information security architecture and solutions

Serve as a security expert in application development, database design, network and/or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices

Contribute to the alignment of security governance with ISO27001 and contribute to the development and maintenance of the information security strategy in accordance with the standard

Researches, designs, and advocates modern technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors

Analyses business impact and exposure, based on emerging security threats, vulnerabilities and risks

Communicates security risks and solutions to business partners and IT staff

Design security configuration guideline for information technology devices and systems, as well as mechanisms for assessing compliance with the guidelines

Design and build controls to address security risks and events as identified

Embrace a culture of continuous service improvement and service excellence

Stay up to date on security industry trends

Skills/Experience

Required

5-10 years in the Information Security industry

Strong experience with security strategy, with a passion to make security realistic, achievable and interwoven with the business fabric

Strong experience with a broad range of Microsoft security technologies, including Defender, DLP, EOP, NAC, IDS/ IPS, IDAM, Certificate Management, SIEM, Endpoint Protection, Anti-malware, vulnerability management;

Exposure to Office 365 E3 and EMS E3 security features such as;

• Microsoft Intune
• Azure Multi Factor Auth
• Conditional Access Control
• Self Service Password Reset configuration
• Microsoft Cloud App Security
• Azure ATP
• Azure Sentinel
• Azure Information Protection
• Azure AD P1 & P2
• E5 features
• Advanced eDiscovery
• Customer Lockbox
• Advanced Data Governance
• Service Encryption with Customer Key (nice to have)
• Office 365 Privileged Access Management
• PowerShell scripting skills

Strong experience in migrating enterprise companies from traditional data centre infrastructure, application and data designs to hybrid or fully-cloud enabled practices

Strong experience with cloud provider ecosystems, including Microsoft Office 365 E5 SKUs and Microsoft Azure.

Some experience with Unix/Linux and Windows system administration

Some experience with logging and alerting platforms, including SIEM integration

Some proven ability in security process and organizational design

Current understanding of Industry trends and emerging threats

Knowledge of incident response methodologies and technologies.

Well-rounded background in network, host, database, and application security;

Desirable 

Formal training in and experience using an enterprise architecture methodology (for example, the Zachman Framework or TOGAF);

Experience driving a culture of security awareness

Experience with the Data Protection Act 1998 and the new GDPR regulation

Experience administering network devices, databases, and/or web application servers

Professional IT Accreditations in at least one of these (CISM, CCSA, CCSE, JNCIA, CCNA, CISSP, CCIE Security).

Competencies and Behaviours

Customer orientated

Working within an international environment

Builds networks with customers, other team members and other relevant teams is essential

Keeps all relevant people appropriately informed

Very good communications, presentation and negotiations skills

Technically innovative

Able to express technical and non-technical concepts in clear verbal and written English

Very good written skills to document complex concepts in a comprehensive, yet readable manner

Considers a range of options that meet the needs of all stakeholders

Ability to use own initiative to solve technical problems

Delivery Focused

Takes responsibility for targets

Drive efficacy into all solutions delivered, demonstration clear and measurable results through the development of KPIs

Ambitious and competitive

Drive innovation and best practice

Strive for standardisation and simplification in all aspects of work

Always cost conscious balancing the needs of the business against the provision of the best solutions possible

Qualifications 

BSc 2:1 or better

Azure Administrator Associate

SSCP – Systems Security Certified Practitioner OR  CCSP – Certified Cloud Security Professional

AZ-103 Microsoft Azure Administrator

MS-500 Microsoft 365 Security Administration

MS-101 Microsoft 365 Mobility and Security

MS-100 Microsoft 365 Identity and Services

The offer

Full-time position start as soon as possible. You will be based in Aldgate, London.

This role will involve occasional travel to customer sites for workshops.

Salary: £55,000 – £65,000 neg.

Company pension scheme, Life assurance policy, Healthcare plan, interest free season ticket loan, cycle to work scheme and childcare vouchers.

Training courses, seminars and social events