Music Tribe are looking for a time served and experienced Security Architect to join our Global team.
The role will be predominantly remote, with the occasional commute to one our local offices in the UK or Europe being mutually beneficial.
The main tasks of the Security Architect are to develop a secure, effective and robust environment for all customer services, document all associated architectural plans, as well as provide governance for all security components.
- Identification and assessment of Music Tribe’s current digital security, with delivery of viewpoints to highlight opportunities that address at-risk areas and associated technical debt.
- Take responsibility for gap analysis and assessment of security system structures.
- Align security solution designs to Music Tribes vision, strategy and objectives.
- Develop security strategies, standardised security patterns and architecture documentation.
- Develop security standards and governance frameworks for digital systems as they relate to the broader EA ecosystem of Business, Data, Solutions etc.
- Supporting and guiding compliance strategy as it relates to digital security.
- Develop and maintain the technology stack to include commercial or open-source security
- Provide expert governance and advice to project teams on the place and importance of security architecture and technology, including best practices and associated governance activities.
- Oversee critical steps within the Software Development Life Cycle that impact enterprise-wide security architecture standards.
- Provide oversight in standards adherence through reviews of project work including detailed technical specifications and application code.
- Work with project teams in definition of associated security requirements for their projects.
- Oversee development and support of processes related to the security landscape.
- Assist with response, troubleshooting, root cause analysis, and problem resolution.
- Oversee the selection of security solutions and standards.
- Knowledge of enterprise security architecture, systems architecture, integration architecture and data architecture standards, frameworks, and
- Extensive experience in information security and/or IT risk management with a focus on security, performance and reliability
- Solid understanding of security protocols, cryptography, authentication, authorisation and security as they relate to cloud based, digital services and
- Good working knowledge of current digital / IT security risks and experience implementing security solutions
- Experience implementing multi-factor authentication, single sign-on, identity management, ID federation or related technologies
- Experience in a management or supervisory role
- An interest in staying hands-on technical as well as wearing that team management hat
- Established project management skills
- Technology / Electronic / Software / Manufacture a plus.
- Experience of analysing and mapping current and future security models, gap analysis and transition planning
- Experience of leading and governing detailed design activity in order toidentify risk, technical debt and control drift from architectural design principles and patterns
- A diligent approach to cataloguing and controlling digital security building blocks and their associated descriptions for future re-use / design purposes
- Good understanding of cloud security
- BA/BS degree preferred, and 7+ years of relevant work
- Advanced security qualifications such as SABSA (Sherwood Applied Business Security Architecture) or CISSP (Certified Information Systems Security Professional)
- 3+ years of progressively responsible experience in a directly related area, demonstrating both professional and management capabilities
Cloud: Azure Security Center, Application Gateway, Azure Active Directory (Azure AD), Azure DDoS Protection, Key Vault, Azure Information Protection
Environment: Azure Data Factory, Profisee (MDM), Microsoft Dynamics 365, Azure Synapse, Azure Databricks, Power BI
Tools: Azure DevOps
DB: Azure SQL Database, Cosmos DB, Azure SQL Server, MySQL, NoSQL, PostgreSQL, MongoDB
Methodologies: Agile, DevOps, TOGAF / Zachmann framework familiarity
Concepts: Confidentiality, Integrity, Availability, Phishing, Crypto, Social Engineering, Botnets, Ransomware, DDoS, Vector risk analysis.
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided