Enterprise Security Architect (IT/Technology)
London, GB, W1U 8AN
Knight Frank
Responsible for providing cyber risk expertise that will shape the future control environment.
The key objectives of the role are:
- Strengthening the bridge between business and technology through early engagement in the strategy process; business case development; and delivery lifecycle to ensure that security risks are considered and addressed through the roadmap.
- Developing a Security Architecture that enables the organisation to explore and implement security solutions and capabilities that are clearly aligned with business, technology, and threat drivers.
- Providing an independent source of technical expertise to work with the Information Security Team and ensure that controls are effective, proportionate, consistent, and deliverable.
Duties Include
- Develop and maintain a security architecture process that enables the business to develop and implement security solutions and capabilities that are clearly aligned with business, technology, and threat drivers.
- Develop security strategy plans and roadmaps based on sound enterprise architecture practices.
- Develop and maintain security architecture artefacts (e.g., models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.
- Participate in application and infrastructure projects to provide security-planning advice.
- Participate in the Technical Design Authority (TDA) process to ensure Architecture documents align to best practices.
- Track developments and changes in the digital business and threat environments to ensure that they are adequately addressed in security strategy plans and architecture artefacts.
- Review security technologies, tools, and services, and make recommendations to the broader team for their use, based on security, financial, and operational metrics.
- Validate reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable Essential Requirements
- Assessing the current state of the firm’s security posture and identifying gaps, risks, and vulnerabilities
Essential requirements
- Demonstrable experience in a role of similar responsibility and scale
- A graduate level qualification in IT or technical subject
- Relevant professional certification to CISSP, CISM, CISA, CRISC, ISO 27001 Lead Implementer / Auditor etc
- Microsoft Cybersecurity Architect (SC-100) qualification desirable
- A history of involvement in cyber related transformation projects and the effective development and implementation of new systems and control processes
- Understanding of cyber security incident procedures and security incident management frameworks, processes, and associated response measures.
- Understanding and knowledge of infrastructure; application; and security technologies.
Experience/Traits
- You have experience of communicating technical concepts and the risks posed by cyber threats effectively to a non-technical audience.
- You will demonstrate the skills; experience; and gravitas to effectively interact with and challenge technical teams.
- You have a deep understanding of the evolving internal and external cyber risks faced.
- You are self-motivated and able to work on your own initiative and within a team environment.
- You will have the desire to collaborate to deliver results, and to resolve conflicts expediently with an independent and objective approach.
- You will have a good understanding of the issues involved in project development, the language of project managers and, therefore, the ability to engage with the project managers in the deployment of the architecture in a pragmatic way.
- You will have an interest in analysing complex problems and identifying appropriate solutions and options to address them.
- Strong experience of security across the Microsoft stack including Azure, Microsoft 365, and others.
- Although primarily a Microsoft house, a broad knowledge of security across a multitude of technologies and vendors desirable.
#LI-MM1 #LI-Hybrid #1 #2
Please note: this is a Direct Search led by Knight Frank. Applications from recruitment agencies will not be accepted nor will fees be paid for unsolicited CVs, even if provided by PSL agencies.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Azure CISA CISM CISSP CRISC ISO 27001 Security strategy Strategy Vulnerabilities
Perks/benefits: Competitive pay
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Analyst jobs
- Open Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open Java-related jobs
- Open Forensics-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open DoD-related jobs