At a Glance
- Tasks: Lead the design and implementation of security frameworks and cloud architecture.
- Company: Join a world-leading organisation committed to your success and development.
- Benefits: Competitive daily rate, flexible onsite work, and a supportive environment.
- Other info: Inclusive workplace welcoming diverse applicants; career growth opportunities available.
- Why this job: Make a real impact in cybersecurity while working with cutting-edge technologies.
- Qualifications: 10+ years in Cybersecurity with strong architecture and cloud experience.
6 Month contract initially, based: max 4 days p/w onsite in London. Rate - £600 - £00 p/d via Umbrella.
We have a great opportunity with a world leading organisation where you will be provided with all of the support and development to succeed. A progressive organisation where you can really make a difference. We have a great opportunity for a Cyber Security - Senior Enterprise Security Architect on a long term program of work.
Key Responsibilities- Strategic Framework Alignment: Lead the end-to-end design and roadmap for implementing CIS Controls (v8 or latest) from the ground up, mapping current technical controls to the CIS framework.
- Infrastructure & Cloud Security Architecture: Define and enforce secure architecture patterns for on-premises, hybrid, and multi-cloud (AWS/Azure/GCP) environments, ensuring compliance with CIS Benchmarks.
- Policy & Governance: Develop and document enterprise-wide security policies, standards, and procedures derived from CIS implementation groups (IG1, IG2, IG3) to ensure scalable security.
- Technical Implementation Oversight: Collaborate closely with DevOps, Network Engineering, and IT Operations teams to automate security configurations (e.g., automated patching, hardening, configuration management).
- Asset Management & Visibility: Design robust solutions for automated hardware and software asset inventory - a critical prerequisite for effective CIS implementation.
- Vulnerability & Risk Management: Establish and mature enterprise vulnerability management processes to ensure continuous identification and remediation of risks as prioritised by the CIS framework.
- Stakeholder Engagement: Act as the primary subject matter expert, effectively communicating security requirements, project milestones, and risk posture to executive leadership and technical staff alike.
- Experience: 10+ years in Cybersecurity, with at least 5 years in a senior architecture or lead security role.
- Framework Expertise: Deep, hands-on experience implementing CIS Critical Security Controls in large-scale enterprise environments.
- Cloud Fluency: Demonstrated architectural design experience in secure cloud migrations and cloud-native security practices.
- Automation: Strong belief in and experience with 'Security as Code' principles; proficiency in scripting (Python, PowerShell) or Infrastructure as Code (Terraform, Ansible) to automate hardening.
- Hardening Standards: Expert-level knowledge of CIS Benchmarks for operating systems (Linux/Windows), cloud platforms, and network devices.
- Communication: Proven ability to bridge the gap between technical teams and business stakeholders, articulating security risks in plain language.
- Senior Stakeholder Management: Proficient and experienced in communication at executive levels within the organisation, reports, PowerPoint and presentation.
- Cloud & Infrastructure: Expert knowledge of AWS (Control Tower, SCPs), Azure (Blueprints, Policy), and GCP (Organization Policy Service).
- Infrastructure as Code (IaC): Advanced proficiency in Terraform, Ansible, or Bicep to enforce security configurations at scale (GitOps approach).
- Identity & Access Management (IAM): Deep understanding of Zero Trust Architecture (ZTA), RBAC/ABAC models, and integration with Enterprise IAM (Okta, Entra ID, Ping).
- Operating System Hardening: Hands-on experience applying CIS Benchmarks to Linux (RHEL, Ubuntu, Alpine) and Windows Server environments using automated configuration management.
- Vulnerability Management: Experience with enterprise tools like Tenable.io, Qualys, or Rapid7 to map findings directly to CIS Control 7.
- EDR/XDR Integration: Expert-level deployment of tools (e.g., CrowdStrike, SentinelOne) to achieve full visibility across endpoints (CIS Control 6).
- SIEM/SOAR: Experience designing log aggregation and automated response playbooks in platforms like Splunk, Microsoft Sentinel, or Google Chronicle to satisfy monitoring requirements (CIS Control 8).
- Asset Management: Implementation of automated discovery tools (e.g., CMDB Lansweeper) to maintain a dynamic inventory of hardware and software (CIS Controls 1 & 2).
- Micro-segmentation: Expertise in network design (NSX, Illumio, or Cloud-native security groups) to enforce granular traffic control (CIS Control 12).
- Encryption: Implementation of Data-at-Rest and Data-in-Transit standards (TLS 1.3, AES-256, HSMs, and Key Management Systems).
We are committed to fostering an inclusive, equitable and accessible workplace where everyone feels valued and supported. We welcome applications from all individuals, regardless of background or identity, and we encourage candidates who may not meet every listed requirement to still apply. If you require any adjustments or support during the recruitment process, please let us know and we will work with you to ensure a fair and accessible experience.
Please Note: If a high volume of applications is received, only candidates shortlisted will be contacted.
Cyber Security - Senior Enterprise Security Architect employer: LA International
Join a world-leading organisation that prioritises your professional growth and development as a Cyber Security - Senior Enterprise Security Architect. With a commitment to fostering an inclusive and equitable workplace, you will have the opportunity to make a significant impact while collaborating with top-tier professionals in a dynamic environment located in London. Enjoy competitive rates and the flexibility of working up to four days a week onsite, all while contributing to a long-term programme that shapes the future of cybersecurity.
StudySmarter Expert Advice🤫
We think this is how you could land Cyber Security - Senior Enterprise Security Architect
✨Tip Number 1
Network like a pro! Attend industry meetups, webinars, and conferences to connect with fellow Cyber Security enthusiasts. You never know who might be looking for someone just like you!
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your projects, especially those related to CIS Controls and cloud security. This gives potential employers a taste of what you can do.
✨Tip Number 3
Prepare for interviews by brushing up on your communication skills. Be ready to explain complex security concepts in simple terms, as you'll need to engage with both technical teams and executive leadership.
✨Tip Number 4
Don't forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who take that extra step to connect with us directly.
We think you need these skills to ace Cyber Security - Senior Enterprise Security Architect
Some tips for your application 🫡
Tailor Your CV:Make sure your CV is tailored to the Cyber Security - Senior Enterprise Security Architect role. Highlight your experience with CIS Controls and cloud security, as well as any relevant projects you've led. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about cyber security and how your background makes you a perfect fit for this role. Don't forget to mention your experience in stakeholder engagement and communication, as these are key for us.
Showcase Your Technical Skills:In your application, be sure to showcase your technical skills, especially around automation and security frameworks. Mention specific tools and languages you’ve used, like Terraform or Python, to demonstrate your hands-on experience. We love seeing practical examples!
Apply Through Our Website:We encourage you to apply through our website for the best chance of being noticed. It helps us keep track of applications and ensures you’re considered for the role. Plus, it’s super easy to do—just follow the prompts and submit your materials!
How to prepare for a job interview at LA International
✨Know Your CIS Controls
Make sure you’re well-versed in the latest CIS Controls, especially v8. Be ready to discuss how you've implemented these in past roles and how they can be applied to the organisation's current security framework.
✨Showcase Your Cloud Security Expertise
Prepare to talk about your experience with AWS, Azure, and GCP. Highlight specific projects where you defined secure architecture patterns and how you ensured compliance with CIS Benchmarks in cloud environments.
✨Communicate Like a Pro
Practice explaining complex security concepts in simple terms. You’ll need to bridge the gap between technical teams and executive leadership, so being able to articulate security risks clearly is key.
✨Demonstrate Automation Skills
Be ready to discuss your experience with 'Security as Code' principles. Bring examples of how you've used scripting or Infrastructure as Code tools like Terraform or Ansible to automate security configurations effectively.
