Security Architect
6d ago


Core is a Microsoft 365 partner that helps our clients improve the way they work through digital transformation. We put them back in control of their IT, and help them drive their business forward using IT.

We are proud of our rich history of technical achievements, dating back to 2001, when we implemented the UK’s first Microsoft SharePoint system.

Role Summary

Manage the security needs of Cores Managed Service clients including maintenance of ISO27001 certification. Heavily focused on Microsoft Security products, the role includes monitoring and management of pre and post breach incidents and overall service improvement and growth planning for the security dept.

Objectives of the Roles

  • Provide a secure managed environment for Core and Cores customers
  • Provide pre-sale expertise around Security solutions.
  • Conduct client security assessments and workshops.
  • Develop High and Low Level Design documentation as follow up to the assessments
  • Hands-on participation in building secure client environments based on Microsoft E3 & E5 365 solutions including Azure Identity, Azure ATP, Azure Information Protection and Azure Sentinel
  • Duties and Responsibilities

  • Work closely with enterprise architects, other functional-area architects, engineering, and security specialists to ensure adequate security solutions and controls are in place throughout all IT systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements;
  • Assess and understand Core’s current security posture and future architecture, providing recommendations for improvement and risk reduction
  • Develop the business, information, and technical artefacts that constitute the enterprise information security architecture and solutions
  • Serve as a security expert in application development, database design, network and / or platform (operating system) efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices
  • Contribute to the alignment of security governance with ISO27001 and contribute to the development and maintenance of the information security strategy in accordance with the standard
  • Researches, designs, and advocates modern technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners, and vendors
  • Analyses business impact and exposure, based on emerging security threats, vulnerabilities and risks
  • Communicates security risks and solutions to business partners and IT staff
  • Design security configuration guideline for information technology devices and systems, as well as mechanisms for assessing compliance with the guidelines
  • Design and build controls to address security risks and events as identified
  • Embrace a culture of continuous service improvement and service excellence
  • Stay up to date on security industry trends
  • Required

    5-10 years in the Information Security industry

    Strong experience with security strategy, with a passion to make security realistic, achievable and interwoven with the business fabric

  • Strong experience with a broad range of Microsoft security technologies, including Defender, DLP, EOP, NAC, IDS / IPS, IDAM, Certificate Management, SIEM, Endpoint Protection, Anti-malware, vulnerability management;
  • Exposure to Office 365 E3 and EMS E3 security features such as;
  • Microsoft Intune
  • Azure Multi Factor Auth
  • Conditional Access Control
  • Self Service Password Reset configuration
  • Microsoft Cloud App Security
  • Azure ATP
  • Azure Sentinel
  • Azure Information Protection
  • Azure AD P1 & P2
  • E5 features
  • Advanced eDiscovery
  • Customer Lockbox
  • Advanced Data Governance
  • Service Encryption with Customer Key (nice to have)
  • Office 365 Privileged Access Management
  • PowerShell scripting skills
  • Strong oral, written, and presentation abilities -able to convey risk to all levels of the business, from C-level executives to operations and development teams
  • Strong experience in migrating enterprise companies from traditional data centre infrastructure, application and data designs to hybrid or fully-cloud enabled practices
  • Strong experience with cloud provider ecosystems, including Microsoft Office 365 E5 SKUs and Microsoft Azure.
  • Some experience with Unix / Linux and Windows system administration
  • Some experience with logging and alerting platforms, including SIEM integration
  • Some proven ability in security process and organizational design
  • Current understanding of Industry trends and emerging threats
  • Knowledge of incident response methodologies and technologies.
  • Well-rounded background in network, host, database, and application security;
  • Desirable

  • Formal training in and experience using an enterprise architecture methodology (for example, the Zachman Framework or TOGAF);
  • Experience driving a culture of security awareness
  • Experience with the Data Protection Act 1998 and the new GDPR regulation
  • Experience administering network devices, databases, and / or web application servers
  • Professional IT Accreditations in at least one of these (CISM, CCSA, CCSE, JNCIA, CCNA, CISSP, CCIE Security).
  • Competencies and Behaviours

  • Customer orientated
  • Working within an international environment
  • Builds networks with customers, other team members and other relevant teams is essential
  • Keeps all relevant people appropriately informed
  • Very good communications, presentation and negotiations skills
  • Technically innovative
  • Able to express technical and non-technical concepts in clear verbal and written English
  • Very good written skills to document complex concepts in a comprehensive, yet readable manner
  • Considers a range of options that meet the needs of all stakeholders
  • Ability to use own initiative to solve technical problems
  • Delivery Focused
  • Takes responsibility for targets
  • Drive efficacy into all solutions delivered, demonstration clear and measurable results through the development of KPIs
  • Ambitious and competitive
  • Drive innovation and best practice
  • Strive for standardisation and simplification in all aspects of work
  • Always cost conscious balancing the needs of the business against the provision of the best solutions possible
  • Qualifications

  • BSc 2 : 1 or better
  • Azure Administrator Associate
  • SSCP - Systems Security Certified Practitioner OR CCSP - Certified Cloud Security Professional
  • AZ-103 Microsoft Azure Administrator
  • MS-500 Microsoft 365 Security Administration
  • MS-101 Microsoft 365 Mobility and Security
  • MS-100 Microsoft 365 Identity and Services
  • We offer

  • Full-time position start as soon as possible. You will be based in our offices in Aldgate, London. This role will involve occasional travel to customer sites for workshops.
  • Company pension scheme, Life assurance policy, Healthcare plan, interest free season ticket loan, cycle to work scheme and childcare vouchers.
  • Training courses, seminars and social events
  • Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form