Group Cyber - Security Architect

This role is responsible for providing technical security advice and guidance, with a focus across Ardagh. The candidate will help identify digital threats through risk assessment and participate in hands-on assessments of initiatives. They will collaborate on various change projects and contribute to producing tailored security best practices for the wider business.

Roles and Responsibilities:

• Collaborating with the business to provide security advice, requirements, and guidance during the delivery of new systems or updates to existing ones, ensuring Security by Design is considered.
• Participating in security-focused risk assessments to ensure they fall within the acceptable risk tolerance.
• Supporting the review of designs to ensure alignment with existing security principles, patterns, standards, and best practices.
• Assisting in the documentation of core security patterns, standards, and guidelines, and identifying opportunities for improvement.
• Identifying improvements in current security processes.
• Acting as an initial point of contact for security within the region and escalating issues as needed.
• Collaborating with the wider security architecture team to help ensure a standardized approach to security is defined and followed.
• Supporting IT teams in ensuring correct security controls and measures are in place before implementation.

Education and Certification:

• Bachelor's degree or equivalent experience in computer science, IT engineering, or a related field.
• Information Security and/or Information Technology certifications such as CISSP are preferred.
• Azure Security Certifications are preferred.

Knowledge:

• Familiarity with common frameworks such as NIST, CIS, ISO27k, and MITRE.
• Experience using SABSA is valuable.
• Ability to review solution designs, recognize security concerns, and suggest appropriate mitigations.
• Ability to work with vendors to understand security mitigations and make informed recommendations.
• Experience in helping the business understand the security implications of design decisions.
• Experience supporting the delivery of security requirements within the business.
• Understanding of Threat Modelling frameworks, such as STRIDE.
• Ability to navigate complex environments with conflicting project requirements.
• Experience supporting the maturation of security processes and patterns within the broader security team.
• Strong analytical and problem-solving skills, with the ability to work independently under general guidance.
• Strong organisational skills, with a proven ability to prioritise, meet deadlines, and manage workload effectively.
• Strong interpersonal and communication skills.
• Fluent in spoken and written English.

Experience:

• Prior experience in Information Security is required.
• Prior experience in security architecture is required.
• Experience in creating security artefacts is preferred.
• Experience in reviewing and updating policies and standards is preferred.