Safety Critical Operational Technology Lead Security Architect

---

Job description

Your new role

Safety Critical Operational Technology Lead Security Architect

National Highways are on a transformation journey to implement a policy of 'secured by design' and therefore all the architecture community will be heavily involved at the beginning of the life cycle and require an understanding of the risk RASCI within commercial arrangements. The Safety Critical Operational Technology Lead Architect is responsible for the provision of security architecture services for safety critical operational technology. They will align and coordinate with wider architect governance functions and ensure safety critical operational technology security architecture reduces both the probability and impact of cyber-attacks to National Highways. Where necessary, they will support wider security architecture activities outside of safety critical operational technology.

What you'll be leading on

• Lead the management and optimisation of safety critical operational technology security architecture ensuring end-to-end solutions are in place and communicated across the business.
• Produce and maintain appropriate technical security guidance documentation for safety-critical operational technology in support of wider security policies.
• Work alongside wider architectural governance functions to ensure all change initiatives are reviewed, supported and aligned with the safety critical operational technology security architecture.
• Support wider security architecture activities outside of safety critical operational technology when required.
• Work with external partners to influence safety critical operational technology related regulatory requirements and ensure that change initiatives are aligned with those requirements.
• Maintain the effectiveness of core safety-critical operational technology security capabilities.
• Anticipate technology trends, future threats and capability requirements and support development to address these.
• Identify, decide mitigations for, resolve / escalate architecture related safety-critical operational technology security related risks.
• Collaborate with design teams, project teams and the wider architectural function to ensure security requirements are designed into new products and services by default.

To be successful you will be/be able to demonstrate

• Given the relative age and maturity of the cyber security profession there are various career paths that the job holder could have followed to become a senior cyber security architect. It is therefore not expected that the job holder will meet all of skills detailed below, however it is expected that they will meet the majority and be proactive in their professional development to address any gaps.
• Cyber Security Qualifications: To hold relevant cyber security qualifications to prove depth of knowledge and achieve credibility with stakeholders: BSc / MSc in Cyber Security, Computer Science or related subject; CISSP, GICSP, Senior CCP (Architect) or similar Security Architecture qualification; CCSP, CCSK or similar Cloud Security qualification.
• Architectural Methodologies: Experience of applying or relevant qualifications / certifications in: SABSA, TOGAF
• Software Development Lifecycles: Deep familiarity with contemporary DevOps methods and tooling.
• Experience of applying DevSecOps.
• Microsoft Azure: Extensive experience of deploying Azure related security controls.
• Risk Management: Expert understanding of cyber security risk management.
• Project / Programme / Portfolio Governance: A detailed understanding of common capability delivery methodologies and governance structures.
• Operational technology: Familiarity with one or more of: IEC 62443 series standards, ISO 26262 and related standards, Embedded system development, Connected/Autonomous Vehicle and ITS systems and standards e.g. ETSI standards
• NCSC Cyber Assessment Framework

A bit about us

National Highways uses huge quantities of complex data over the lifetime of our infrastructure. We need to manage our information effectively and efficiently. Our vision is to develop integrated information and technology that empowers our colleagues and provides real time information to our customers, integration with intelligent vehicle and transport systems as they develop, to improve journey safety and reliability.

Why you should join us

At Highways England we believe in a connected country. We are passionate about creating a culture where colleagues feel connected, included and enjoy greater wellbeing to achieve this. We're proud that as an organisation we are continually striving to do better and actively encourage and support our colleagues to do the same with their careers.

So if you put safety first, take ownership of your work, show passion for what you do, work effectively in a team, and demonstrate integrity in how you do it - then you'll be a great fit for our organisation.

In order to be considered for this role, please register on our talent pool on the link below. A recruiter will then review your details and will contact you to discuss the role.

To find out more click APPLY NOW