Information Security Architect

The Information Security Architect is part of the team that has responsibility for ensuring the design and development of secure IT solutions and services in a consistent manner.

The Information Security Architect will support the implementation of the University’s strategic information security architecture principles, blueprints and controls across central IT projects and services, and will proactively work with units across the collegiate University, providing expert guidance to implement these practices.

The Information Security Architect will work closely with the rest of the Information Security team to review IT security arrangements across existing services, ensure that security is included by design in new projects and services, and support the Solution Design Authority and the IT Architecture Advisory Group to ensure alignment between the information security and developing enterprise architectures.

The ideal candidate will be a highly specialised technical professional and have experience of designing, engineering and/or developing a range of IT solutions. The Information Security Architect will need to develop a strong working knowledge of all elements of information security and have the ability to work with, and positively influence, operational IT teams and senior University stakeholders.

Essential selection criteria

  • Proven track record in and experience of successfully designing, implementing and improving IT security architecture and controls
  • Demonstrable experience in understanding and applying defence in depth security models and security management practices
  • Extensive technical knowledge in core domains of IT infrastructure such as data networks, server and desktop hardware and operating systems, storage and backups, and related monitoring and management systems
  • Demonstrable experience of applying security controls in one or more of the following areas: Unix/Linux Servers, Windows servers, firewalls, IDS/IPS, vulnerability management, WAF, Wi-Fi, mobile security, DLP, digital certificates, encryption and authentication techniques, forensics, LAN and WANs and middleware applications
  • Thorough understanding of the principles, theories, practices and techniques for activities associated with planning and implementing secure information technologies and technical IT security mechanisms
  • Exhibit excellent analytical skills, the ability to manage multiple activities under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
  • High level of personal integrity, as well as the ability to handle confidential matters and show an appropriate level of judgment and maturity
  • Excellent written and oral communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and non-technical audiences
  • Well organised, self-motivating and able to work effectively both as a team member and independently
  • Graduate calibre with appropriate qualifications, such as CISSP