Enterprise Security Architect (IT/Technology)

Contract Type Permanent Employment Type Full-Time  Working Requirements    Dynamic Working Hours 9:30am to 5:30pm Salary Competitive Division Business Services  Location 55 Baker Street

 

Responsible for providing cyber risk expertise that will shape the future control environment.

 

The key objectives of the role are:

- Strengthening the bridge between business and technology through early engagement in the strategy process; business case development; and delivery lifecycle to ensure that security risks are considered and addressed through the roadmap.

 - Developing a Security Architecture that enables the organisation to explore and implement security solutions and capabilities that are clearly aligned with business, technology, and threat drivers.

- Providing an independent source of technical expertise to work with the Information Security Team and ensure that controls are effective, proportionate, consistent, and deliverable.

 

Duties Include

- Develop and maintain a security architecture process that enables the business to develop and implement security solutions and capabilities that are clearly aligned with business, technology, and threat drivers.

- Develop security strategy plans and roadmaps based on sound enterprise architecture practices.

- Develop and maintain security architecture artefacts (e.g., models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.

- Participate in application and infrastructure projects to provide security-planning advice.

- Participate in the Technical Design Authority (TDA) process to ensure Architecture documents align to best practices.

- Track developments and changes in the digital business and threat environments to ensure that they are adequately addressed in security strategy plans and architecture artefacts.

- Review security technologies, tools, and services, and make recommendations to the broader team for their use, based on security, financial, and operational metrics.

- Validate reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable Essential Requirements

- Assessing the current state of the firm’s security posture and identifying gaps, risks, and vulnerabilities

 

Essential requirements

- Demonstrable experience in a role of similar responsibility and scale

- A graduate level qualification in IT or technical subject

- Relevant professional certification to CISSP, CISM, CISA, CRISC, ISO 27001 Lead Implementer / Auditor etc

- Microsoft Cybersecurity Architect (SC-100) qualification desirable

- A history of involvement in cyber related transformation projects and the effective development and implementation of new systems and control processes

- Understanding of cyber security incident procedures and security incident management frameworks, processes, and associated response measures.

- Understanding and knowledge of infrastructure; application; and security technologies.

 

Experience/Traits

- You have experience of communicating technical concepts and the risks posed by cyber threats effectively to a non-technical audience.

- You will demonstrate the skills; experience; and gravitas to effectively interact with and challenge technical teams.

- You have a deep understanding of the evolving internal and external cyber risks faced.

- You are self-motivated and able to work on your own initiative and within a team environment.

- You will have the desire to collaborate to deliver results, and to resolve conflicts expediently with an independent and objective approach.

- You will have a good understanding of the issues involved in project development, the language of project managers and, therefore, the ability to engage with the project managers in the deployment of the architecture in a pragmatic way.

- You will have an interest in analysing complex problems and identifying appropriate solutions and options to address them.

- Strong experience of security across the Microsoft stack including Azure, Microsoft 365, and others.

- Although primarily a Microsoft house, a broad knowledge of security across a multitude of technologies and vendors desirable.

 

#LI-MM1  #LI-Hybrid   #1  #2

 

 

Please note: this is a Direct Search led by Knight Frank. Applications from recruitment agencies will not be accepted nor will fees be paid for unsolicited CVs, even if provided by PSL agencies.