Enterprise Security Architect

I'm looking for an experienced Enterprise Security Architect to join a leading FS company based in C. London. You will report into the Head of Architecture and be part of a growing high-performing team.

Salary: up to £125,000 p/a + Benefits

Location: 3 times per week in Bristol

The Role

Reporting into the Head of IT Architecture, the Enterprise Security Architect is responsible for providing cyber risk expertise that will shape the future control environment. The key objectives of the role are:

• Strengthening the bridge between business and technology through early engagement in the strategy process; business case development; and delivery lifecycle to ensure that security risks are considered and addressed through the roadmap.
• Developing a Security Architecture that enables the organisation to explore and implement security solutions and capabilities that are clearly aligned with business, technology, and threat drivers.
• Providing an independent source of technical expertise to work with the Cyber Security Team and ensure that controls are effective, proportionate, consistent, and deliverable.

Duties Include

• Develop and maintain a Security Architecture process that enables the business to develop and implement security solutions and capabilities that are clearly aligned with business, technology, and threat drivers.
• Develop security strategy plans and roadmaps based on sound enterprise architecture practices.
• Develop and maintain Security Architecture artefacts (e.g., models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations.
• Participate in application and infrastructure projects to provide security-planning advice.
• Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artefacts.
• Review security technologies, tools, and services, and make recommendations to the broader security team for their use, based on security, financial, and operational metrics.

• Validate reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable

Essential Requirements

• Demonstrable experience in a role of similar responsibility and scale
• A graduate level qualification in IT or technical subject
• Relevant professional certification to CISSP, CISM, CISA, CRISC, ISO 27001 Lead Implementer / Auditor etc
• Proven track record of leadership, preferably with a history of involvement in cyber related transformation projects and the effective development and implementation of new systems and control processes
• Experience working in collaboration with third party vendors and external cloud service providers.
• Understanding of cyber security incident procedures and security incident management frameworks, processes, and associated response measures
• Understanding and knowledge of infrastructure; application; and security technologies

Ideal Experience/Traits

• You have experience of communicating technical concepts and the risks posed by cyber threats effectively to a non-technical audience.
• You will demonstrate the skills; experience; and gravitas to effectively interact with and challenge technical teams.
• You have a deep understanding of the evolving internal and external cyber risks faced.
• You are self-motivated and able to work on your own initiative and within a team environment.
• You will have the desire to collaborate to deliver results, and to resolve conflicts expediently with an independent and objective approach.
• You'll have a good understanding of the issues involved in project development, the language of project managers and, therefore, the ability to engage with the project managers in the deployment of the architecture in a pragmatic way.

• You will have an interest in analysing complex problems and identifying appropriate solutions and options to address them.