Summary: Experienced Cyber Security Architect specializing in designing and delivering security solutions for IT and OT environments in critical infrastructure, utilities, and financial services. The role involves securing industrial control systems through advanced threat modeling and Zero Trust architectures while ensuring compliance with various security standards. The candidate will leverage expertise in cloud security and SIEM integration to enhance incident detection and resilience across networks. Strong collaboration with cross-functional teams and stakeholder management is essential for successful digital transformation initiatives.
Key Responsibilities:
- Design and deliver robust security solutions for IT and OT environments.
- Secure industrial control systems (ICS) through unified threat modeling and Zero Trust architectures.
- Develop IT/OT security risk assessment frameworks leveraging STRIDE.
- Integrate SIEM solutions and ensure compliance with security standards.
- Align cross-functional teams and manage stakeholder expectations.
- Deliver secure digital transformation programs across regulatory landscapes.
Key Skills:
- Information Security Management and Compliance (GDPR, ISO 27001, NIST).
- Cybersecurity Frameworks (NIST Cybersecurity Framework, Zero Trust Architecture).
- Security Incident & Event Management (SIEM) tools (Azure Sentinel, Splunk).
- Identity & Access Management (IAM) solutions (CyberArk, BeyondTrust).
- Penetration & Vulnerability Assessment tools (Kali Linux, Nessus).
- Cloud Security expertise (Azure, AWS, GCP).
- DevSecOps tools and Configuration Management (Ansible, Chef).
Salary (Rate): undetermined
City: Coventry
Country: United Kingdom
Working Arrangements: undetermined
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
Job Description: Experienced Cyber Security Architect with a proven track record of designing and delivering robust, scalable security solutions across IT and OT environments in critical infrastructure, utilities, and financial services. Specialises in securing industrial control systems (ICS), including SCADA, DCS, and PLCs, through unified threat modelling and Zero Trust architectures. Successfully developed IT/OT security risk assessment frameworks leveraging STRIDE, improving incident detection and resilience across industrial networks. Brings deep expertise in cloud and hybrid infrastructure security (Azure, AWS, GCP), SIEM integration (Azure Sentinel, Splunk), IAM/PAM (CyberArk, BeyondTrust), and compliance with NIST, IEC 62443, ISO 27001, and GDPR. Adept at aligning cross-functional teams, managing stakeholder expectations, and delivering secure digital transformation programmers across diverse regulatory landscapes.
Technical Skills:
- Information Security Management
- Audit & Compliance: GDPR, COBIT, PCI DSS, ISO 27001, NIST, CIS Controls
- Cyber Framework: NIST Cybersecurity Framework, Zero Trust Architecture
- Security Incident & Event Management (SIEM): Azure Sentinel, LogRhythm, Splunk, ElasticSIEM
- Identity & Access Management (IAM): Azure AD PIM, CyberArk, BeyondTrust
- Penetration & Vulnerability Assessment: Kali Linux, ZAP, Nessus, Burp Suite, Metasploit
- Threat Modelling: STRIDE, DREAD, MITRE ATT&CK
- Networking and Datacenter Virtualization Technologies
- IP, NGFW, DMVPN, MPLS, BGP, OSPF, LISP, Anycast, VPC, NLB
- Cloud Security
- OS: Linux, Windows
- Cloud Platforms: Azure, AWS, GCP
- Cloud Networking: VPC, IPsec VPN, Route53, ELB, CloudFront, vWAN, ExpressRoute
- Azure Security: WAF, AD, Azure Entra, Defender for Cloud, M365, Intune
- AWS Security: GuardDuty, Macie, Config, CloudTrail, Security Hub, Secrets Manager, Shield
- DevSecOps
- Tools: Tenable.io, Veracode & AppScan (DAST, SAST, IAST)
- Configuration Management: Chef, Ansible
