Cloud Security Infrastructure Architect,

,

Information Security Architect, Information Security, Technology & Digital Services, London / Other Permanent

Your opportunity

To work in the innovative and creative CISO team. A world class operation with extensive knowledge and experience. Interfacing with business and technical teams and bringing about change and influence across the whole world of Deloitte. Apply your skills here to make things happen, great people, great purpose and passionate about our work.

We encourage consideration of flexible ways of working, both formal and informal arrangements that allow for the best outcomes for our people and our clients. If this opportunity is of interest to you with some flexibility, please do discuss with us.

Your role

As an Information Security Architect, you will be;

• Supporting implementation of the overall Information Security strategy
• Influencing and defining security policy, standards and procedures for improving security posture
• Designing, implementing and maintaining key security technology to improve security posture and strengthen security defenses
• Defining security requirements by evaluating business strategies and requirements, researching information security standards and conducting system security and vulnerability analyses and risk assessments
• Contributing to the end to end Security Architecture reviews as part of an IT lifecycle and security reviews throughout a change advisory board
• Leading on security research on the latest new security technologies
• Mentoring information security team members on recent developments and advancement in security technologies to drive widespread adoption of security best practices.
• Providing input on BAU and project budget
• Work with key IT service providers to ensure industry standard platform, network and endpoint security posture
• Ensure industry standard framework implementation
• Ensure project delivery by working with PMO and defining relevant milestones for CISO consumption
• Defining and providing relevant metrics and trends for CISO consumption

Your work, your choice

At Deloitte we believe the best impact is the value we add, not the hours we sit at our desk. We carefully consider agile ways of working, both formal and informal, that allow for the best impact for our people and our clients. Please speak to your recruiter about the working pattern that works best for you.

Location: London, Cardiff, Milton Keynes, or other appropriate office location

Work pattern:

This is a permanent contract opportunity. The role can be worked on a full-time basis.

“Our team members work a variety of agile working patterns. Tell us what arrangement works for you and we’ll try to accommodate.”

Your professional experience

• Proven experience in cloud security architecture role, demonstrating solutions delivery, principles and emerging technologies - Designing and implementing cloud security solutions. This includes continuous monitoring and making improvements to those solutions, working with an information security team.
• Working knowledge of different project delivery methodologies including Waterfall, Agile and Hybrid.
• Possess accreditation in CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CRISC (Certified in Risk and Information Systems Control) or related certification.
• Extensive knowledge of cloud security architecture, demonstrating solutions delivery, practices and emerging technologies
• Have demonstrable experience in consulting and engineering of the development and design of cybersecurity best practices and the implementation of solid cybersecurity practices across the organization, to meet business goals along with customer and regulatory requirements.
• Possess extensive knowledge of frameworks or specifications of information security or risk management that include all legal, physical and technical controls involved in an organization’s risk management
• Be very knowledgeable in cloud security standards ISO/IEC 27017:2015 and ISO/IEC 27018:2014
• Have extensive experience with security considerations of cloud computing: This should include data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DDoS attacks.
• Have a good knowledge and understanding of identity and access management (IAM) – the framework of security policies and technologies that limit and track the access of those in an organization to sensitive technology resources.
• Have a solid understanding of various cyber technologies - mobile threat defense, endpoint protection, data loss prevention, insider threat protection, device hardening, classification, key & certificate management and many more
• Have the ability to be the enterprise cybersecurity subject matter expert that can articulate technical topics to those with or without a technical background
• Possess exceptional communication skills with diverse audiences - Strong critical thinking and analytical skills
• Computer Science degree and/or MSC in Information Security desirable but not essential.

Your service line: Enabling Functions

At Deloitte, we’re all about making an impact that matters, together. And nowhere is this moreapparent than among our 2,000 strong Enabling Functions teams. With our combined specialist skills and business partnering expertise, we provide all the essential strategy, support and advice our client-facing colleagues need, right across the firm. This enables them to focus all of their efforts on delivering the best service possible to their clients. So not only will you be providing world-class support to our internal clients, you’ll be making an impact for all the hugely influential organisations Deloitte works with too. Covering all our distinct areas: Human Resources, Clients & Industries, Finance & Legal, Central Business Services, National Quality & Risk Management, Technology & Digital Services, and Real Estate, the opportunities here are vast. And what’s more, you can grow your career in whatever direction you choose. We’ll support you all the way.

Personal independence

Regulation and controls are standard practice in our industry and Deloitte is no exception. These controls provide important legal protection for both you and the firm. We are subject to a number of audit regulations, one of which requires that certain colleagues abide by specific personal independence constraints. This can mean that you and your "Immediate Family Members" are not permitted to hold certain financial interests (shares, funds, bonds etc.) with audit clients of the firm. The recruitment team will provide further detail as you progress through the recruitment process.