Cyber Security - Security Architect, Senior Manager
PwC's Cyber Security Practice is seeking to recruit Senior Security Architects to work with our clients across different industry sectors (both public and private sector) and to help grow the firm’s Security Architecture Capability.
You will work with clients to help them build Cyber Security into their organisations on both Enterprise and Technical levels, using and further developing PwC’s Security Architecture Framework and Methodology, tailored to meet individual client needs.
Key Skill Areas:
Enterprise Security Architecture
o Assessment - to determine the strength of the foundations for security within organisations and to ensure that their vision, strategies, processes, people and technologies are aligned and organised effectively to optimise Cyber Security in support of their business goals.
Design & Implementation – to design and build security into organisations from ‘top to bottom’ so that it can be justified, and from ‘bottom to top’ so that it can be seen to be complete.
Technical Security Architecture
o Assessment – to determine the strength and appropriateness of technical designs in mitigating relevant Cyber threats.
o Design & Implementation – to formulate & communicate new architectures and demonstrate their suitability in mitigating relevant
Security Leadership & Management – planning, managing and organising the delivery of Security Architecture to clients. Assisting with the development of the Security Architecture Practice within the firm.
Security Transformation (and Security in Transformation) – working in large scale transformation programmes, building their capability to assess and design Cyber Security.
Communication & Influencing – working with senior stakeholders, utilising Security Architecture methods and collateral to influence their decisions.
Desired Experience & Qualifications:
• A track record of previous Cyber Security consulting experience, working on complex business-facing client problems.
• Experience of industry standard Architectural Methodologies and Frameworks such as SABSA and TOGAF.
• Experience of relevant technologies (such as Networks, LANs and WANs, Servers & Hosting, Virtualisation, Applications, Identity Management etc.) and how to securely implement them.
• A sound understanding of how to model threats & risks as well as the controls necessary to mitigate them, on both an organisational and technical level.
• An understanding of how business strategy, risk, regulation and technical constraints influence organisational responses to cyber security.
• Excellent communication skills – both oral (for interviews/meetings, presentations) and written (for designing and writing engaging reports which communicate findings succinctly and clearly convey the message in a way which is appropriate for the audience, and rooted in the client’s needs).
• Experience of business development or sales, including leading bid teams, and experience of writing winning proposals and RFP responses.
• Cyber Security related qualification(s) such as CISSP, CISM, CREST Technical Security Architect, ISO Lead Auditor etc
• An understanding of security methodologies, best practice and industry standards
• Experience in risk & regulatory frameworks and standards such as NIST 800, ISO 27001, ISF SOGP, PCI-DSS etc