Offers “ENGIE”

Expires soon ENGIE

Information Systems Security Architect

  • London (Greater London)
  • Architecture / Town planning

Job description

ENGIE UK has an exciting role for an Information Systems Security Architect. The role will be based in Canary Wharf London (E14 5LQ). This is a full time and permanent role reporting into the Engie UK Chief Information Security Officer. On offer is a competitive salary and  benefits package.

 

The role is a design and governance role for the Information Systems Security functional support line across Engie UK Services. The person will be expected to drive security alignment throughout the business, ensure the proposed solutions are in line with security policy, standards, industry best practice, governance and compliance frameworks.

 

Additionally to ensure our business data and systems are designed to be secure; improve cost & business process efficiency; deliver added value and competitive advantage through innovation.

The person will:

• Act as Design lead for all IT/cyber security projects throughout Energy Services
• Ensure security architecture is consistent with other architecture elements and addresses internal and external security compliance requirements
• Support projects and programmes by creating high-level security designs and ensures detailed designs conform to security considerations
• Engage with the business from the bidding phase through to delivery of the project on all matters of technical security and, when necessary, in issues relating to security governance
• Define technical security standards and draft policies when required
• Provide technical advice on implementation of security controls across corporate and business systems such as ISO 27001 and PCI DSS controls

Key Accountabilities are:

To aid in the coordination of all information security, cyber security and IT architectural design and risk management for all IT services across the UK organisation’s facilities. 

Critical to the success of this role will be to ensure that the following areas are covered:

• Provides comprehensive IS assurance and compliance assessments, promotes industry best practice through design, controls, audits and reporting
• Is engaged in advising on, acquiring and maintaining relevant security accreditations for the business – e.g. ISO27001 
• Supports IS legal discovery and investigations – e.g. searches related to fraud, employment dispute or other misconduct 
• Engages in cyber service design – as part of new projects / mobilisations – to ensure solutions are secure 
• Carries out IS monitoring – e.g. network traffic analysis, looking for anomalies etc.
• Verifies security systems by developing and implementing test scripts 
• Ensures security systems are up to date by monitoring security environment; identifying security gaps; evaluating and implementing enhancements 
• Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates
• Maintains security by ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs
• Assists Infrastructure and Operations with IS incident management – e.g. response to virus attacks, denial of service, etc. and service recovery, including coordination with Group Security Operations Centre 
• Continually updates knowledge by tracking and understanding emerging security practices and standards; reading professional publications; participating in professional organizations (ISACA, ISC2, etc.)
• Enhances IT Security’s reputation by accepting ownership of and accountability for new and time dependant requests; exploring opportunities to add value to job accomplishments and by planning delivery of solutions
• Represent IT as the lead security architect to the technical architecture group
• Identify and address security vulnerabilities within information assets, information processing systems and networking environment
• Represent IT Security at the Change Control Board in the absence of ISSO or CISO

For a full job description, please email

 
Qualifications:

• Bachelor or Master degree in an in a Computer Science, Engineering or IT    discipline, or equivalent through experience
• CISSP (Certified Information Systems Security Professional) certification
• Microsoft certification such as MCSA, MCSE
• Cisco Certified CCNA, CCNP, CCSE, etc. 
• Certified Ethical Hacking (CEH)
• Qualys Vulnerability Management
• Checkpoint Certified CCSA, CCSE, etc.
• Anti-Virus vendor certification from Symantec, McAfee, Sophos, TrendMicro,  etc.
• Industry recognised IT Architecture qualification (e.g. TOGAF)
• ISO 27001 & PCI DSS Implementer/auditor certification
• SAP security
• ITIL – Foundation

Professional Experience:

• Hands-on experience in designing and implementing effective security  solutions based on industry best practice, highly commercial, time-to-market  conscious
• Extensive current knowledge and experience of key security and data  requirements and solutions, in particular Data retention, vulnerability threats  (e.g. Cross-site Scripting, SQL Injection, etc.) encryption and PCI
• A broad understanding of all stages of systems development and product  delivery.
• A background in network and application architecture covering different  technology stacks, platforms and protocols
• Ability to communicate effectively with people at a technical, functional, tactical  and strategic level, involving presentations, documentation, meetings and  negotiations
• Corporate industry and professional standards 
• Product/Technology evaluation and selection.
• Experience and understanding of security requirements to meet national    governance standards (DPA, etc.)

The closing date for applications will be  28th September 2017 

For this role you must have evidence of right to work in the UK. There is no re-location package with this job role. ENGIE do not discriminate on the grounds of age, gender, race, colour, religion, disability or sexual orientation, and we welcome applications from all sections of the community.

Make every future a success.
  • Job directory
  • Business directory