Location: City of London Job Type: Contract Industry: Cyber Security Job reference: BBBH396576_1739456770 Posted: 29 minutes ago
Cybersecurity Architect
6 months
London - hybrid
Active SC clearance required
Inside ir35
We are seeking aCybersecurity Architectto join ourData and Application Securityteam. OurData Securityservices cover a wide range of areas, includingData Loss Prevention (DLP),Cloud Access Security Brokers (CASB),Data Access Governance (DAG),data-at-rest encryption,PKI(Public Key Infrastructure) key management, andQ-Safeservices. On theApplication Securityside, we provide comprehensive coverage acrosswhite-boxandGray-box testing, as well as consulting services forDevSecOps engineering.
Key areas of expertise include:
DevSecOps: Strong focus on integrating security into the software development lifecycle, automating security practices intoCI/CD pipelines, and ensuring seamless collaboration between security and development teams. Experience with automatedSCA (Software Composition Analysis),SAST (Static Application Security Testing), andDAST (Dynamic Application Security Testing)to identify vulnerabilities early and throughout development.Application Security: Proficiency in application security testing, includingwhite-boxandgray-boxtesting methodologies. Strong experience inDevSecOps engineering, securing cloud-native and on-premises applications, and managing runtime protection.Infrastructure as Code (IaC) Security: Expertise in securingIaC(Infrastructure as Code) configurations, ensuring secure provisioning, configuration management, and continuous monitoring of infrastructure.Cloud-Native Application Protection Platform (CNAPP): Securing cloud-native applications, microservices, containers, and Kubernetes environments by identifying and mitigating vulnerabilities and misconfigurations across the application lifecycle.Cloud Security Posture Management (CSPM): Utilizing CSPM tools to ensure proper configuration and compliance with security policies across cloud environments (AWS, Azure, GCP).Workload Protection: Ensuring runtime security for applications, containers, and infrastructure, focusing on protecting workloads from vulnerabilities, threats, and attacks in both cloud and on-prem environments.Data Security (DLP, CASB, DAG, PKI): Knowledge ofData Loss Prevention (DLP)solutions to prevent unauthorized data access or leakage,CASBfor securing cloud applications, andData Access Governance (DAG)for managing access to sensitive data. Proficiency inPKI architectureandkey management, including the management of cryptographic keys,key ceremonies, and other related key management processes.Data-at-Rest Encryption & Key Management: Expertise in implementing data-at-rest encryption strategies, ensuring the protection of stored data, and managing key management solutions for encryption keys throughout their lifecycle. Knowledge ofQ-Safefor securing sensitive data and cryptographic key management.The ideal candidate will have:
Hands-on experience withDevSecOps toolsand frameworks, integrating security into CI/CD pipelines and automated workflows. Proficiency in cloud-native security tools and services (e.g.,Prisma Cloud,Palo Alto,CNAPP,CSPM,IaC security). Strong application security skills, includingstaticanddynamic application testing, as well as real-time protection for cloud-based applications.Master key ceremonyexperience, along with a deep understanding ofPKI architecture, cryptographic key management, and best practices for secure key generation and lifecycle management. Deep knowledge ofdata protection,encryption standards,Q-Safe, andPKIsystems, ensuring compliance and governance across both application and data security.The latest news, articles, and resources, sent to your inbox weekly.
Who We AreAt Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our...
3620 Kyndryl UK Limited
The customer is looking for a full time Senior Cyber Security Architect (familiar with DSPT-CAF and Windows 11 Refresh) Cyber Security Architect resource with knowledge of security frameworks including DSPT-CAF with consideration for Workplace technologies such as Microsoft Intune Windows 11 Alignment will be across multiple activities / projects...
LA International London
Cyber GRC ConsultantTech Transformation PracticeLondonConsultant - Senior Consultant levelYou want to boost your career and collaborate with expert, talented colleagues to solve and deliver against our clients' most important challenges? We are growing and are looking for people to join our team. You'll be part of an entrepreneurial, high-growth environment...
Infosys Consulting - Europe London
Job DescriptionSafran Landing Systems is the world leader in aircraft landing and braking systems and is at the forefront of contributing to safer, more sustainable aviation for current and future generations. We design, test, manufacture and assemble landing gear used on commercial aircraft including Airbus and Boeing, and UK military...
Safran Landing Systems Gloucester
80261 - Senior Solution ArchitectThis Senior Solution Architect will report to the Architecture Manager and will work within the Information Services directorate based in our London, Ipswich or Crawley office. You will be a permanent employee.You will attract a salary of £90,000.00 and a bonus of 7.5%. This role can...
UK Power Networks London
Threat and Vulnerability Manager- Break into FinTech – London/ Hybrid(Tech stack: Threat and Vulnerability Manager, Security Engineer, Security Tester, Penetration Testing, Cybersecurity, Systems, Infrastructure, Network, Cloud, Architecture, Security Solutions, Python, Shell, Ansible, Jenkins, CISSP/CISM/CISSO-ISSMP, CRISC, GIAC, COBIT/ITL Processes, Financial Services, Threat and Vulnerability Manager, URGENT)We have a fantastic opportunity for...
Noir Consulting London
