Principal Security Architect

Company Description

Principal Security Architect - Remote, UK

Telefónica Tech (part of the Telefónica Group) is a leading NextGen Tech solutions provider with a highly diversified team of over 6,000 exceptionally skilled employees and +60 nationalities. At Telefónica Tech we believe that technology can do great things: from extracting all the value of data to make the best business decisions, to ensuring the resilience of every organisation to build a more sustainable future. We serve more than 5.5m customers every day in over 175 countries, with a global ecosystem of market-leading partners. We are a global business with local strategic hubs in Spain, Brazil, the UK, and Germany.

In the UK and Ireland, Telefónica Tech UK&I has over 1,000 professionals helping leading brands and organisations across public sector, financial services and insurance, retail and manufacturing and commercial markets to unlock the power of integrated technology for all. We bring together in one place a unique combination of the best people, with the best tech and the best platforms. All in a simplified manner, to make a real difference to every business, every day. The Telefónica Tech UK&I hub has an end- to-end portfolio of market leading services and develops integrated technology solutions to accelerate digital transformation through: Cloud, Data & AI (Adatis), Enterprise Applications (Incremental), Workplace Services and Cyber Security & Networking.

We live by our values by being open, trusted and bold. Open to new ideas and ways of doing things. Trusted by our employees, customers and partners. Bold in our decisions and actions.

A few of our Partners & Accreditations:

• One of Microsoft UK&I’s top 3 Service Providers having achieved their most highly acclaimed Azure Expert status for the last 3 years.  Also recognised as a key Fastrack and Inner Circle Partner working closely across and with Microsoft globally.
• HPE Platinum Partner and pleased to have received the HPE FY23 UK&I Solution Provider of the Year award.
• Part of the Fortinet elite VIP program and one of only 2 Ultimate Partners in the UK.
• AWS Advanced Solution provider program and Managed Service Provider program.

Job Description

Principal Security Architect

The Principal Security Architect is responsible for designing, implementing, and maintaining an organization's overall security architecture. This role involves collaborating with various stakeholders to identify security requirements, developing strategies to address potential threats, and ensuring the confidentiality, integrity, and availability of sensitive information.

Initially working alongside a major security project over in Ireland, the role requires to be a key stakeholder in any project that this role is a part of, this means being a subject matter in various areas, being able to lead workshops around security solutions and services on your own, highlight areas of improvement for our customers to continuously improve their security posture.

Core responsibilities include: 

Security Architecture Design: 

• Develop and maintain a comprehensive security architecture that aligns with business goals and regulatory requirements. 
• Design and review security solutions, ensuring they meet industry best practices and standards. 
• Planning, studying and designing a security architecture for IT projects
• Designing, developing, and continuously improving vulnerability assessment, security testing, and risk analysis
• Designing, developing, and continuously improving the security posture of the company's products
• Providing developers with remediation guidance and advice
• Evaluating cloud and security technologies
• Designing, developing, and continuously improving security operations
• Recommending and providing technical leadership for the implementation of security measures to protect information systems, networks, and data
• Building and developing security architecture practice

Risk Assessment and Management: 

• Conduct risk assessments to identify potential vulnerabilities and threats. 
• Develop risk mitigation strategies and work with relevant teams to implement necessary security measures. 

Security Policy Development: 

• Establish and enforce security policies, procedures, and standards across the organisation. 
• Collaborate with legal and compliance teams to ensure policies align with industry regulations. 

Security Awareness and Training: 

• Provide security training and awareness programs for employees to promote a security-conscious culture. 
• Keep abreast of the latest security trends, threats, and technologies. 

Collaboration with IT Teams: 

• Work closely with IT teams to integrate security measures into the overall IT infrastructure. 
• Collaborate with system architects, developers, and administrators to ensure security is incorporated into all aspects of the system development lifecycle. 

Incident Response and Forensics: 

• Develop and maintain an incident response plans to address security incidents promptly. 
• Conduct forensic analysis of security incidents to identify root causes and prevent future occurrences. 

Security Audits and Compliance: 

• Perform regular security audits to assess compliance with established security policies. 
• Ensure compliance with industry standards and regulations. 

Qualifications

Industry Recognized Cyber Security Certifications:

• GSEC
• CISSP
• CISM
• CCSP
• CISA

Additional Information

We are looking for a Enterprise level security architect with the ability to clearly articulate technical concepts and the implications of cyber threats to those without a technical background is essential. You possess the competency, experience, and assertiveness needed for effective engagement and oversight of technical teams. You have an in-depth awareness of the dynamic cyber risks from both internal and external sources. Your self-driven nature allows you to excel independently as well as part of a team. A strong inclination towards teamwork, aiming for high-quality outcomes and swift conflict resolution with a fair and impartial stance, is expected. You understand the complexities of project development, speak the language of project management, and can thus effectively collaborate with project managers to pragmatically implement architectural solutions.