Senior Security and Information Risk Advisor

Role: Senior Security and Information Risk Advisor

Job Ref: QAD 3118 /1902

Pay Rate: Competitive Market Rate

Hours per week: 37 hours

Contract Length: 12 months, potentially extended

Location: Reading, West Berkshire (no hybrid working)

We are seeking a Senior Security and Information Risk Advisor / Cyber Security Architect to provide specialist security oversight, guidance, and risk analysis to ensure all functions and classified materials are protected under an effective risk management framework. You will support IT projects with timely technical security advice, shaping the organisation's overall security architecture and key controls. We are looking for a skilled security professional with hands-on experience in security applications and appliances, preferably within the defence sector. A strong background in firewalls, DevOps, cloud security, IDS, and IPS is essential.

Key Responsibilities:

• Work with functions, projects and the supply chain to assess the sources of Information Risk and make recommendations on how these are to be managed.
• Provide the lead for maintaining awareness of industry best practice in Information Assurance and Information Risk Management.
• Determine how the overall security architecture applies to projects under consideration and advise project solution architects on security requirements.
• Review high and low level solution designs for compliance with overall security architecture, achievement of security requirements and overall efficacy of the security features and tools.
• Facilitate the formal accreditation of corporate systems.
• Oversee IT Health Check and Vulnerability Assessments by approving scope of tests and overall testing programme.
• Record and track assessments of information capability and projects supporting reviews and audits as necessary.

Core Skills & Experience

• Proven expertise as a Cyber Security Architect with hands-on technical experience.
• Strong background in security tools, applications, and appliances.
• Experience working in defence and highly classified environments.
• Solid understanding of security architecture principles and risk management.
• Technical proficiency in implementing and managing security frameworks.

Technical Knowledge & Competencies

• Extensive experience with firewalls, IDS/IPS, and endpoint detection solutions.
• Strong understanding of DevOps security practices and integration.
• Expertise in cloud security across platforms (e.g., AWS, Azure, GCP).
• Familiarity with Security Information and Event Management (SIEM) systems.
• Ability to assess, design, and implement intrusion detection and prevention mechanisms.

Preferred Technologies & Tools

• SIEM platforms (e.g., Elastic/ELK Stack, Sentinel - 365 Tools).
• Threat detection & response (e.g., Darktrace, Endpoint Detection & Response solutions).
• Security monitoring & automation (e.g., SOAR tools).

Additional Considerations

• Practical experience is prioritised over formal qualifications.
• Strong technical foundation and analytical mindset.
• Ability to operate in highly secure and classified environments.