Lead Security Architect

Description:

As a Lead Security Architect with broad technical Information Security skillsets, you will be responsible for multiple components of security architecture. You will be working with the project team, alongside the IT Information Security team to ensure that the architecture and associated products align to the client’s Information Security requirements.

Key Responsibilities:

· Align the Security Architecture for the client. Negotiate and demonstrate alignment to these views across other EA teams within the IT domains and wider community e.g. connected car.

· Define security architecture artefacts (principles, policies, standards, and patterns) in conjunction with the Enterprise Architecture teams and maintain these artefacts within the relevant management systems.

· Provide guidance and sponsorship for programmes & projects via governance process and ad-hoc advice, ensuring alignment to enterprise security policies.

· Provide SME and Security architecture support including documentation for projects requiring technical input.

· Work with wider architectural team to create and embed improved governance processes with clear security requirements into architectural and governance process. Collaborate with the wider organisation to provide information security advice ensures that the appropriate technologies are in place.

· Plan, research, design and sponsor new / improved security architectures with a focus on mitigating Information Security risks. Identify areas of weakness and recommend enhancements. Support security incidents as required, providing technical support during events and for post-event analyses.

· Develop, review, and approve the installation requirements for LANs, WANs, VPNs, routers, firewalls, and related network devices.

· Ensure security toolsets / products are funded, monitored, and maintained. Create clear guidance for embedding security tools and principles into projects in general and ensure that such projects are integrated into the central security systems.

· Remain up to date with the latest security systems, standards, authentication protocols, and products, being able to propose proactive mitigation as appropriate.

· Develop an in depth understanding of theclient’s security and overall IT environment and work to improve the security of that environment over time. Overall responsibility for the use, development and maintenance of the client’s Security tools.

· Undertake any other work as directed by their line manager in connection with their job as may be requested.

Key skills/knowledge/experience:

· Previous experience and background in Information Security at a management level.

· Proven good working knowledge of industry IT compliance standards, particularly in design and implementation.

· Knowledge of information security principles and best practices and experience in managing information security risk.

· Background and previous experience of IT security controls.

· Significant experience of working and influencing cross-functionally and managing external agencies.

· Experience of relationship management of senior stakeholders.

· Strong IT skills, ability to analyse data for reporting purposes and follow work instructions.

· Relevant degree or equivalent experience preferred.