Key responsibilities
· Ability to develop, design secure solutions and produce a Security Design documenting the controls.
· The ability to deconstruct a solution / network architecture.
· Ability to identify and mitigate against threats and vulnerabilities associated with proposed solutions and evaluate the soundness of solutions using industry standard practices (e.g., STRIDE, MITRE).
· Demonstrate the ability to interpret threats into Risks, using your knowledge and experience to assist the business in assessing likelihood and impact.
· Effectively communicate technical concepts to both technical and non-technical collaborators.
· Skills to produce and articulate Security Designs to all collaborators within the project and business.
· Comfortable weighing the risks and benefits of competing Security design options. · Comfortable working on multiple challenging projects simultaneously
Key skills
* Designing and implementing security solutions to support meeting industrial and security frameworks such as ISO 27000 series, PCI DSS, COBIT, NIST, OWASP.
* Proven experience in risk assessment, threat modelling and implementing security controls.
* Expertise in managing user identities and securing access to systems.
* Knowledge of encryption, hashing, and tokenization techniques for data privacy.
* Understanding secure software development lifecycles (SDLC) and integrating security into CI/CD pipelines.
* Proficient in network protocols, perimeter security to protect infrastructures and applications.
* Certifications in Security Management such as CISSP / CISM / CCSP or equivalent.
* Certifications in technical Security domains such as CEH / OSCP or equivalent.
* Experience of Public and or Private cloud environments. Experience with multi-cloud security environments (GCP, AWS and Azure).
* Proven experience managing multiple high priority security projects simultaneously