Back to Job Search

IT Security Architect - 37457

  • Location: Warwickshire
  • Salary: £863.88 - 863.88 per day per day
  • Job Type:Contract

Posted about 1 month ago

  • Sector: Automotive
  • Function: Software and IT
  • Contact: Rachel Meacham
  • Contact Email: Rachel.meacham@jonlee.co.uk
  • Contact Phone: 01384 446112
  • Expiry Date: 09 December 2021
  • Job Ref: 59604

Ref: 37457

Title: Security Architect

Division: Information Technology

Contract Position based at: Gaydon

Pay Rate: up to £863.88/day Ltd (£664.32/day PAYE)

 

Position Description:

A Security Architect with a strong background in cryptographic subject matter will be required to provide support to various digital projects and Business As Usual (BAU) consultancy.

Key Accountabilities and Responsibilities

  • Identify information security risks and proactively work to ensure that Information risk are identified, assessed and mitigated across the business
  • Collaboration and thought leadership with the wider cryptography user community within JLR to provide appropriate advice and ensure that appropriate cryptographic techniques are in place to protect the information of the business
  • Ability to provide pragmatic risk-based advice for complex cryptographic requirements
  • Ability to provide objective and pragmatic cryptographic guidance for various project with the ability to cite relevant sources
  • Keep abreast of trends in cryptographic techniques and be able to suggest new usages as appropriate
  • Undertake any other work as directed by their line manager in connection with their job as may be requested

Key Interactions

  • Management throughout the JLR business to drive understanding and awareness
  • Product owners for IT Infrastructure projects
  • Delivery teams for Business led IT projects
  • Enterprise / Business Domain Architects
  • Engineering / Manufacturing connected car teams
  • Identity & Access Management teams
  • Other Project owners as consumers of Cryptography

Key Performance Indicators

  • Ensure alignment of Cryptography strategy across other EA teams within the IT domains and wider community e.g. connected car
  • Help define cryptography security architecture artefacts (principles, policies, standards and patterns) in conjunctions with the Enterprise Architecture teams and maintain these artefacts within the relevant management systems
  • Provide guidance and sponsorship for Crypto technology delivery projects, ensuring alignment across the business.
  • Provide documentation outlining cryptographic solutions and best practise for delivery of cryptographic solutions
  • Constantly review our current cryptography solutions identifying areas of weakness and recommending enhancements as part of an overall Security Programme
  • Ensure existing cryptography solutions are monitored and maintained
  • Creating a framework to provide clear guidance for embedding cryptography tools and principles into JLR IT projects as appropriate, ensuring that such projects are integrated into JLR central security systems.
  • Remain up to date with the latest cryptography concepts, standards, products and implementations.
  • Develop an in depth understanding the JLR security and overall IT environment and work to improve the security of that environment over time.
  • Define cryptography security architecture artefacts (principles, policies, standards and patterns) in conjunctions with the Enterprise Architecture teams and maintain these artefacts within the relevant management systems
  • Provide documentation outlining cryptographic solutions and best practise for delivery of cryptographic solutions

Skills Required:

  1. Ability to provide objective and pragmatic cryptographic guidance for various projects with the ability to cite relevant sources
  2. Ability to provide pragmatic risk-based advice for complex cryptographic requirements

Experience Required:

  • Asymmetric (encryption\decryption & sign\verify) and symmetric (encrypt\decrypt and MAC) cryptographic algorithms hashing algorithms (collision, preimage, second preimage resistance) entropy sources and secure random number generators openssl \ wolfssl \ bouncy castle et al cryptographic libraries common CA software (Microsoft CA, EJBCA etc

Key Management Systems

Software (Venafi etc) Secret Sharing tooling (Hashicorp, CyberArk) PKCS#11 APIs, Microsoft CAPI, Java Crypto Architecture API Public Key Infrastructure (Root of Trust) SSH key and GPG key management (Web of Trust) X.509 and CVC certificates NIST FIPS Standards NIST SP Standards IETF cryptographic RFCs PKCS standards EAL Common Criteria NSA Suite B and CNSA CP and CPS standards Data at Rest Encryption .e. TDE on Databases, Disk Encryption TLS, IPSec, SSH et al¿ CRLs and OCSP KMS, HSM, Secret Sharing for public cloud (AWS, GCP, Azure)

Additional Information

** THIS POSITION IS CONFIRMED INSIDE IR35 **

 

To apply for this role please send your CV to rachel.meacham@jonlee.co.uk

Your CV will be forwarded to Jonathan Lee Recruitment, a leading engineering and manufacturing recruitment consultancy established in 1978. The services advertised by Jonathan Lee Contracts are those of an Employment Business.