Security Architect

---

Job description

Security Architect

Duties

• Producing architectural Enterprise Security solutions both technology and service, ensuring solutions consider scalability, capacity management, ITSCM and software licensing from high level outlined architecture to detailed architecture. Ensuring that high level technical designs are aligned to enterprise architecture & security standards and all relevant architecture domains align with enterprise product strategies to meet agreed acceptance/definition of ready criteria.
• Managing Enterprise Security product roadmaps which identifies the scope, prioritisation and timeframes for delivery of capability including integration and specification of the products' solution design as well as addressing technical debt.

Key aspects of the work will include:

• Review and quality assure artefacts created by external suppliers and internal teams ensuring the quality of the delivered solution to fulfil business and non-functional requirements and adhere to strategic vision for the product group.
• Identifying opportunities for product innovation and shape design proposals for taking this forward; driving innovation at a security product level where this delivers quick wins and business benefit and is in the boundary of the product roadmap.
• Supporting integration and functional testing to ensure conformance to business acceptance and readiness criteria, identifying and responding to capacity, licensing and security risks, and determining service design outcomes are aligned to the risk appetite.
• Leading contributions to the Security communities of practice, providing thought leadership, coaching and mentoring of other employees to build the overall business, technical and product architect capability

Minimum:

• Significant experience as an Enterprise Security solution architect working in financial services or government/regulatory bodies, with experience of creating strategies, roadmaps and architectural delivery plans, enabling innovation for the relevant products, platforms, systems or components, on large projects.
• Significant experience of working through the end-to-end project and/or product delivery life cycle with employees, 3rd party or offshore suppliers following development methodologies (eg Prince2, RUP, Scrum, Agile)
• Significant experience in information security principles, security operations led technology and Service Management including incident and problem management.
• Have, or be willing and able to obtain HMG SC Clearance.

Essential:

• Commercially aware, the ability to understand supplier proposals and promote cost effective solutions.
• Experience of software application/infrastructure life cycle management, and the activities involved in application/infrastructure development/change, with specific knowledge of the relevant Enterprise security products.
• Effective influencing and negotiating at Exec level, communicating explicit and implicit trade-offs that impact the enterprise.
• Credible leader, able to adapt style to build strong relationships with senior leaders, collaborating across the organisation and use various techniques to facilitate innovation.
• Extensive knowledge and demonstrable experience of Information Security principles, tools, processes and procedures.
• Strong understanding of Security frameworks such as NIST, CIS etc.
• Excellent collaborative approach working in an Agile/distributed security model
• Relevant recognised security certification, eg CISSP, CISM, etcp