Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: InfoSec Jobs - Security Architect London, UK GSEC, GCIH, GSNA, GMON, GCCC, GSTRT, GSLC InfoSec Jobs


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Security Architect
Company GfK
Location London, UK
Preferred GIAC Certifications GSEC, GCIH, GSNA, GMON, GCCC, GSTRT, GSLC
Travel 15%
Salary £70-80k p/a
URL Not provided
Contact Name Anonymous
Contact Email adam.nicholson/at/gfk.com
Expires 2018-07-30

Job Description

About GfK
We are Germany's largest market research institute, and the fourth largest market research organization in the world. Our vision is to be the indispensable, trusted data and analytics partner for the durable goods and technology industries and respective retailers. Everything we do starts with our clients. We collaborate across boundaries with a can-do attitude and lean mentality. We focus on what matters most so that we deliver real value. Innovation is in our DNA. We bring new products to market quickly and focus on continuous improvement. We dare to take educated risks, learn quickly from failure and push on toward excellence.
Many say they have big data problems, we do have big data and also big problems to solve. We apply modern technology and proven practices to solve problems around big data storage, big data processing, machine learning and complex data visualisation.
Help lead the digital transformation of GfK and be an impactful participant in shaping the future of market research and data insight.


Purpose of the Role
Reporting to the Security Technology Team Manager, the Security Architect is responsible for leading business security design on new systems, projects and programs. The successful postholder undertakes analysis and assessment of threats, vulnerabilities and potential impacts leading to the initiation of remedial actions required to mitigate risks across all of GfK’s platforms as well as championing all aspects of best practice security concepts within design phases of projects.

In addition, the Security Architect will also be responsible for establishing and maintaining comprehensive documentation and roadmaps related to the security architecture of the GfK group and will be seen as the single point of contact for such matters within the organisation.
The Security Architect also plays an important role within the senior Security Tech Team and actively contributes to the development of IT Security polices, standards and guidelines that mitigate overall risks, strengthen IT security defenses and reduce vulnerabilities of the IT systems. The Security Architect will be involved in communicating technology security standards and promoting awareness to cyber colleagues in the organization as well as supporting forensic investigations, analyzing security intelligence, organizing security testing and measuring IT security maturity and compliance with IT security standards and guidelines.

Key Activities
• Ensure company core technology initiatives are designed and built with correct levels of security and compliance
• Work with architects, application, infrastructure and business teams on promotion and adoption of best practice security concepts, as well as the integration of security components and services
• Conduct risk assessments, gap analysis and remediation plans of new and existing systems
• Risk assess externally accessible services
• Act as a security liaison to Technology & Data teams
• Plan for implementing management’s directives in most secure manners with least disruption
• Engage with business stakeholders to understand their propositions in order that business goals can be achieved securely or where necessary with full understanding of the risks involved
• Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
• Collaborate with peers in other areas of the company to continually improve upon security throughout the organisation
• Participate in the secure architecture and engineering processes
• Support IT system owners, Application owners, IT administrators, Regional Security Coordinators and Local Security Coordinators in the investigation and remediation of IT security incidents or other policy violations
• Provide security technology implementation advice to IT Colleagues, Region Security Coordinators, Legal & Compliance, Global HR, Central Services, etc.
• Monitor the external threat environment for emerging threats, and advise head of security of risk and recommended courses of action.
• Assist in the organization of technical security awareness trainings for software developers
• Assist in the gathering and reporting of IT security metrics to measure the efficiency and effectiveness of the IT security controls.

Experience & skills required
• Strong knowledge of security technologies and concepts.
• Extensive experience in security design
• High level knowledge of all areas of Information & Cyber Security
• Demonstrated ability to analyse and solve problems.
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
• Poise and ability to act calmly and competently in high-pressure, high-stress situations.
• Must be a critical thinker, with strong problem-solving skills.
• Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives.
• Project management skills: scheduling and resource management.
• Ability to work cross-functional, interdisciplinary teams to achieve tactical and strategic goals.
• Understands “voice of the customer” and develops mechanisms to proactively sense adoption and usage patterns of consumer technologies by end users so that policy can align with need
• High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity.
• One or more industry recognised qualification (E.g CISSP, CESG, ISSAP, TOGAF etc) or certification (GSEC, GCIH, GSNA, GMON, GCCC, GSTRT, GSLC)

The GfK culture
Having choices is what makes life exciting. Make your choice today and take your future into your own hands. We value skills and talent and will support your development within our international teams.
GfK makes your choice easy as we offer an exciting work environment that brings people together and encourages an entrepreneurial and innovative spirit. As a trusted leader in market research present in over 100 countries, we know what makes consumers’ hearts beat and how to help our clients grow—globally and locally.
Our culture is diverse and highly collaborative. Our data scientists, creatives, software engineers and product owners all collaborate across different disciplines to develop cutting edge, fully integrated solutions.
• We embrace working in the team: we build on trust, collaboration and open feedback
• We foster diversity: this is more than a mix of gender, culture, ethnicity and languages for us. It is the inclusion of different thinking, experiences, expertise and backgrounds across all businesses and organizational levels
• We believe in a healthy work-life balance: we offer flexible & remote working, agile environments & hot desking, break out spaces, socials, activities, table tennis and amazing views!
• We are committed to providing you with opportunities to develop both professionally and personally through local, regional and global programs - we help our colleagues grow and runway their careers