Job summary

Security Architect

Key skills required for this role

Security Architect

Important

Security Architect

Job description

Security Architect

Berkshire (hybrid working)

Summary of Role:

The role requires a versatile individual who can make effective and highly valued contributions to activities across the project lifecycle in Intelligence and Security, Geospatial Intelligence, and deployed IT environments. The candidate is expected to be capable of operating in a senior technical role working closely with customer and delivery teams; alone and unsupervised if necessary.

Working within Bid or Delivery teams and reporting to the Chief Technology Officer (CTO) & Programme Engineering Manager the successful candidate will be capable of aligning the business strategy and plans with technology and solutions that support the strategy. The SecA needs to be able to talk to both technical experts and wider organisational stakeholders, applying a holistic approach to create solutions that will help the Organisation achieve its goals. The candidate must be a team player who is prepared to lead from the front and work with a multi-national engineering team and the customer community.

Main Duties:

• Developing, contributing and management of the security vision, security architecture specifications, security architecture analysis, threat-modelling, security requirements, security standards and design patterns, reference architectures, security strategies and roadmaps
• Applying security design principles to develop security architectures
• Lead security interactions with senior internal and external stakeholders
• Supporting security accreditation of systems or environments
• Developing and/or carrying out the strategic direction of security projects to enable execution of the information security strategy
• Capturing, expanding, and analysing security requirements
• Developing innovative security solutions to enable execution of the long-term security architecture
• Driving security technology evaluations and proof-of-concepts
• Building strong cross-organizational relationships and effectively influencing the architecture team and stakeholders
• Managing the lifecycle of security technologies
• Working closely with the other architects to ensure that security is properly embedded in their technology domain architectures
• Assisting other architects in peer reviews
• Evaluating and assessing risk as part of application and system lifecycle management
• Staying current with security technologies and making recommendations for use, based on business value
• Advising leadership on Cybersecurity issues, systems, processes, products, and services
• Maintaining oversight of the design and implementation of systems to ensure appropriate and effective security controls are included
• Serving as a Cybersecurity expert to contribute to the definition of overall system architecture

Essential skills

• Able to articulate and solve complex problems and concepts, by interrogating and using data or intelligence to formulate and influence plans
• Able to interpret complex business and technical issues and identify and recognise a viable solution or control
• Capable of understanding and linking complex and diverse sets of information to inform the response and approach
• Expert understanding and can apply security concepts to a technical level, at the highest levels of risk complexity. Effectively translate and accurately communicate security and risk implications at the most senior levels across diverse technical and non-technical stakeholders
• Strong management of stakeholders' expectations across high-risk and complexity or under constrained timescales
• Lead design and review solutions to complex problems with the architecture team by defining and challenging patterns and principles
• Apply risk methodologies at the most complex levels of risk
• Strong knowledge of system architectures. Able to understand and articulate the impact of vulnerabilities on existing and future designs, systems and how easy or difficult it will be to exploit these vulnerabilities
• Contribute to and inform developments on security properties in technology. Identify new technologies and design the use of these in the project strategy
• Experience of producing and supporting bids
• Broad understanding of Cloud hosting and Cloud architectures for one or more major Cloud providers
• Experience in, or knowledge of, DevSecOps Tooling and Processes
• A working knowledge of MoD or Government IT Security environments and requirements at various classifications including SECRET and above.
• Holder of current SC clearance, or the ability to gain

Standard Benefits:

• 25 days holiday (increasing to 27 days) + statutory public holidays.
• Contributory Pension Scheme (up to 10.5% company contribution).
• 6 times salary 'Life Assurance'.
• Flexible Benefits scheme.
• Discretionary Bonus scheme.
• Enhanced family friendly policies.
• 37hr standard working week, with an early finish on Fridays whilst operating a 'Hybrid Working Model'*