Security Architect

An expanding Defence client of ours is currently in the market for a Secutrity Architect to specialise within their Product Security division. As the Product Security Architect, you will be working alongside a team who are constantly growing and developing. You will be responsible for Identify security requirements and ensure the integration of security controls during the product development lifecycle

Some of what you will be involved in:

• Develop and implement risk management strategies
• Perform security threat modelling and risk assessments applying security controls to mitigate any threats identified
• Collaborate with the development teams to ensure the adoption of Secure by Design principles
• Identify security risks that arise from potential solution architectures, advising and assuring alternate solutions or counter-measures to mitigate identified information risks.
• Collaborate with the product development teams to integrate security best practices ensuring Secure by Design
• Identify and mitigate security vulnerabilities and risks in products
• Develop and maintain security guidelines, documentation, and training materials
• Participate in incident response and remediation efforts for security breaches affecting products

Your skillset may include:

• Knowledge of HMG standards (including MOD-specific JSP, Def Stan 05-138, Def Stan 05-139)
• An understanding of MOD ISN 23/09 Secure by Design
• Knowledge of security frameworks, such as ISO/IEC 27001, NIST 800-30, NIST 800-53 or OWASP
• Working with risk management frameworks and methodologies (e.g., ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53)

Please reach out to Lewis Dunn @ ARM if you are interested or simply have some questions - E: or DD:

Disclaimer:

This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.