Senior Security Architect

Key Accountabilities

• As part of a small, but fast-growing team, you will be the Subject Matter Expert (SME) to advise and guide customers on their cloud security journey and establish a long-term trusted advisor role
• Engaging with customers to help assess their cloud security posture and to ensure any subsequent cloud design and build is appropriately secured. This may be applicable to a customer’s single cloud, or multi-cloud environment, or when a customer wishes to move its environment from on-premise to the cloud
• Provide guidance to customers on their cloud security roadmap and assist on defining the right-size cloud security controls  
• Liaise closely with the customer’s architects and engineers and advise, design and deliver innovative cloud security Proof of Concepts
• Evolve existing Rackspace security services, as well as implement new ones, under the ‘Cloud Security Service’ banner.
• Establish best-practices for the consultancy resulting in standardized engagement models and repeatable ways-of-working
• Mentor and train other security architects within the wider Rackspace Security Solutions Architecture community on modern multi-cloud security domains and topics
• Evangelize the security cloud-native paradigm through the delivery of blogs, customer presentations and public speaking engagements
• Deliver high-quality work to customers as part of consulting engagements that can be delivered through workshops, presentations or security solutions architecture designs
• Actively identify opportunities for new engagements
• Contribute to RFI/RFP requests

Skills & Experience

• The ideal candidate has a proven track record in designing and delivering innovative technology security solutions built on the cloud.
• As a Senior Security Architect, the person should have the ability to act as a thought-leader. The right candidate can concisely and articulately present to both technical and non-technical audiences.
• Extensive experience of designing secure platforms on Microsoft Azure (including In Depth knowledge of Azure native security capabilities like Sentinel, key vaults, SIEM) but not limited to. Extensive experience of AWS or GCP is desirable.
• Demonstrable experience in designing secure cloud-native systems and/or rebuilding an existing system on the cloud with a suitable security posture.
• Demonstrable experience in the relevant legislation, industry regulations and industry standards such as ISR, EU GDPR, HIPAA, ISO27001, ISO 22301, ISO/IEC 20000-1, ISO 22301, NCEMA, NIST CSF, PCI DSS, Cloud Security Alliance CCM, CIS, OWASP and Cyber Essentials etc.
• In-depth knowledge of the Well-architected frameworks and best practices of the major cloud providers
• Must have the ability to lead engagements, either directly or as part of a larger programme of work and take ownership for the successful delivery of customer value within budget, time and scope.
• Acting as a thought-leader, the right candidate is able to concisely and articulately present to both technical and non-technical audiences.
• You have built specialist and demonstrable cloud security architectural knowledge in the following areas; Account governance, Identity and access management, Asset management and data protection, Infrastructure and platform security, Application security including threat modelling and secure CI/CD, Change management practice and detection capabilities, Boundary defence, Cloud Logging and Monitoring, Continues vulnerability and patch management systems, Incident response and threat mitigation, Cloud backup/recovery and disaster recovery (DR)
• Client-facing consultancy experience within large enterprises, but happy to deliver to SMBs
• You have an articulate opinion on the advantages of using public cloud platforms in a secure manner from a business perspective
• You can identify and plan to resolve the challenges, both technical and organizational, facing organizations who are moving their applications to the cloud
• Excellent communication and stakeholder management skills are required
• Certified as CISSP, CCSP and CISM is an advantage
• As the team services customers across EMEA you may be required to travel. You will align to the needs of the customer; therefore, some engagements can be performed remotely whereas others will require you to be on-site with the customer.