---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Application Security Architect
Location: London, , GB
Type: Permanent P/T
Closing Date: 03/16/2005
Job Title Principal Solutions Architect – EAI & Application Security
Salary 50-65k sterling + 25% bonus
Location West London
Candidates must be able to travel to West London on a daily basis - no
relocation allowance offered
Job Purpose
The Principal Solutions Architect –EAI & Application Security role has
been created to provide architectural direction to the applications that have
integration needs with other in-house applications as well as external
applications hosted by our partners. The role will also be responsible for
laying the architectural foundations for application security in our
application ensuring that the organisational security policies are translated
into the design.
Job Scope
Responsibilities / Work Activities
Mandatory
· Leads development of systems architectures for complex systems
or an entire corporate suite of systems. Takes full responsibility for ensuring
that systems architectures balance functional, service quality and systems
management requirements as indicated by the business requirement.
· Assures specification and design work to assist in the
development of service level agreements and any associated service guarantees.
· Establishes policy for the selection of systems architecture
components, and takes responsibility for the strategy and methods used in
implementing a systems architecture in a significant organisation.
· Co-ordinates design activity between the systems architecture,
application development and service delivery functions and promotes the
discipline to ensure consistency.
· Maintains a detailed knowledge of current practice and an
awareness of current developments within own area(s) of expertise. Keeps up to
date on relevant emerging technologies.
· Develops new techniques for use in systems architecture.
Promotes the systems architecture discipline within the wider ICT community.
Takes an active role in the development of other staff.
· Manages or co-ordinates the systems architecture function
within an organisation.
Knowledge / Skills
Mandatory
BEHAVIOURAL SKILLS
· Conceptual Thinking (Level 4) - Acquiring understanding of the
underlying issues in complex problems or situations by correctly relating these
to simpler or better understood concepts, models or previous experiences.
· Customer Focus (Level 3) - Understanding the needs of the
internal or external customer and keeping them in mind when taking actions or
making decisions.
· Planning and Organisation (Level 3) - Determining a course of
action by breaking it down into smaller steps and by planning and resourcing
each of these, making allowance for potential problems.
· Analytical Thinking (Level 4) - Acquiring understanding of a
problem or situation by breaking it down systematically into its component
parts and identifying the relationships between these parts.
· Creativity (Level 2) - Taking innovative approaches to problem
solving and devising inventive and creative solutions.
· Influence and Persuasion (Level 4) - Influencing and persuading
others to take a specific course of action when there is no direct line of
command or control
· Information Acquisition (Level 3) - Identifying gaps in the
available information required to understand a problem or situation and
devising means of remedying such gaps.
· Interacting with People (Level 4) - Establishing relationships
and maintaining contacts with people from a wide variety of backgrounds.
TECHNICAL KNOWLEDGE AND SKILLS
· Operating Infrastructure (Proficient in) - Knowledge of the ICT
infrastructure (hardware, databases, operating systems, local area networks
etc) used within own organisation
· Application Development Methods, Techniques and Standards
(Expert in) - Organised and documented sets of techniques, intended to
facilitate the structured development of applications. This includes UML based
techniques like RUP, Architected RAD and agile methods.
· Middleware (Expert in) - Software which forms part of the
operating platform infrastructure. Examples: Enterprise JavaBeans (EJBs),
Asynchronous Message Queuing.
· Product Evaluation and Selection (Expert in) - The analytical
comparison of ICT products against specified criteria to determine the best
solution to the business need.
· Structured Reviews (Expert in) - Methods and techniques for
structured reviews, including reviews of technical diagrams, test plans,
business cases and any other key deliverables. Examples: peer review, formal
technical review, Fagan inspection
· Consultancy or Technical Specialism (Expert in) - Specialist
knowledge and skills in one or more functions, technologies or industries.
Examples: customer relationship management, datawarehousing.
· Corporate, Industry and Professional Standards (Expert in) -
Standards associated with the practitioner's current Role. Examples:
Departmental Programming Sstandards, Corporate Quality and Change Management
Processes.
· Presentation Techniques (Expert in) - Methods and techniques
for delivering effective presentations.
· Report Writing Techniques (Expert in) - Methods and techniques
for writing effective reports.
· Information Capture Techniques (Expert in) - The selection and
application of information gathering methods, tools and techniques which are
appropriate to the information required and the sources available. Examples:
contextual enquiries, focus groups, structured interviews, questionnaires,
observation, statistical analysis.
OTHER KNOWLEDGE AND SKILLS
Preferable
BEHAVIOURAL SKILLS
-
TECHNICAL KNOWLEDGE AND SKILLS
· Configuration Management (Familiar with) - The control and
management of ICT assets (or configuration items) including hardware, software,
documentation, services, suppliers and network facilities by the use and
application of strict change management and recording.
· Hardware Configurations (Familiar with) - Determination of
hardware configurations, including number of processors, amount of memory, and
external interfaces.
· Networking and Communications (Familiar with) - The planning
and management of the interaction between two or more networking systems,
computers or other "intelligent" devices. Examples: ISDN, ATM,
Ethernet, TCP/IP.
· Infrastructure Architecture (Familiar with) - The frameworks
and principles on which networks, systems, equipment and resources are based.
Examples: Windows NT, UNIX, Oracle, TDM, ATM, TCP/IP.
OTHER KNOWLEDGE AND SKILLS
· Customer Service Techniques (Proficient in) - Techniques for
ensuring that full account is taken of customers’ real and stated needs in
the delivery of products and services
· Project Management (Proficient in) - Principles, methods,
techniques and tools for the effective management of projects from initiation
through to implementation like PRINCE2.
Role Specific Requirements
Strategic
· Provide the architecture vision for the company’s overall
application integration strategy and its information security strategy based on
the company’s security policy
· Define a strategic view of the company’s information
security needs.
· Working with the Security Officer, advising senior management
of changes in the technical, legal and regulatory arenas affecting information
security and computer crime.
· Research new information security technologies (in the areas of
application and application infrastructure components) and propose ideas for
new security service development.
· Research new application integration technologies and propose
ideas for the development of new integration platforms.
Organisation-wide
· Defining secure coding/application development principles.
· Developing reusable programming technologies that ensure secure
coding/application development principles.
· Educating application development teams on secure
coding/application development principles.
· Defining best practices for application integration –
in-house and third party
· Combining the application integration and security skills to
provide a robust, secure integration platform
Project
· Define the application integration & security architecture for
solutions being developed by translating the business requirements
· Interpreting the organisational security policies for the
solution to ensure that the architectural element that support these policies
are designed for
· Developing/managing the information risk analysis, assessment
and acceptance processes
· Ensure compliance with secure development principles & choices
of application integration.
Background
· Educated to degree level or holds a professional qualification
· Shows evidence of analytical ability and attention to detail.
Has a broad understanding of all stages of systems development and service
delivery. Demonstrates good inter-personal skills.
· Demonstrates high standards of professional behaviour in
dealings with clients, colleagues and staff. Has in depth knowledge of at least
one specific ICT area and a broad understanding across a wide field along with
a record of applying such knowledge successfully in a variety of situations.
Possesses strong inter-personal skills, especially in handling contacts of all
types and at all levels.
JOB REQUIREMENTS
---------------------------------------------------
PDD Responsibilities include:
- Identify, describe and prioritise their requirements for IT
applications
- Analysis, design, and construction of IT solutions
- Project management through the entire project lifecycle ensuring the delivery
of the IT solution to the business
CONTACT
---------------------------------------------------
Please email me on bruce@erasearch.com or call me on my mobile 07974 714 727
Bruce Baer
Mr
Era Associates
bruce@erasearch.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
