Enterprise Solution Architect - Security
Well known firm require an Enterprise Solution Architect to report to the Head of Technology Architecture, this senior thought leadership role is responsible for all aspects of security technology across the whole estate, supporting all business divisions.
Working with the CISO function you`ll define the strategy for security technology, support the ongoing Security programme and be a point of consultation for a range programmes with Security implications.
This role is an initial 6 month contract, with the opportunity to turn permanent.
The Enterprise Security Architect will have the following responsibilities:
- Operate as the Security technology subject matter expert, with ownership of current and future state Security technology strategy.
- Partner with Information Security and Data Privacy function (CISO) to oversee and govern implementation of Security technology roadmap and ensure their assurance role is supported effectively by the defined architecture.
- Defining current, future and transition states of the Security technology architecture, together with the corresponding plans & roadmaps, and ensuring the buy-in of key business stakeholders.
- In alignment with wider Enterprise Architecture team, taking ownership of the creation and maintenance of standards, patterns and other architectural artefacts to enable effective and successful realisation of the Security Architecture.
- Perform risk assessments and review and sign-off changes across the estate where a material security or privacy impact is anticipated.
- Evaluate technology estate compliance against current policies and standards, planned future policies and standards.
- Identify emerging technologies and trends to incorporate into Security technology roadmap.
- Build and maintain in-depth knowledge of business and security market, customers, and competitors.
- Maintain in-depth knowledge of the company's products, teams, and solution architectures.
- Maintain an awareness of security threats and regulatory requirements, as an input to defining the Security technology components and guiding investment / spend across the technology architecture domains.
Experience required of the Enterprise Security Architect:
- Security architecture experience in a B2B and B2C Digital Environment.
- Hands on security architecture and engineering experience in hybrid cloud environments. Ideally experience of securing AWS and Azure environments.
- Security leadership experience within a diverse digital and cloud environment. Ability to negotiate and obtain agreement from C-Suite Leadership.
- Experience of designing and implementing Security solutions through to operation, experience of multi-supplier/multi-platform environments.
- A high-level knowledge of all key areas of Information Security Technology and an ability to apply them appropriately.
- Delivering Security Architectures/Strategies as part of a broader Enterprise or IT Architecture.
- Interpreting and applying appropriate Standards, Policies and Legislation, e.g. GDPR, (mandatory), Cyber Essentials, SANS 20, ISO 27001, PCI DSS, NIST Cyber Security Framework, OWASP, CSA Security Guidance, CISSP
- Understanding of Threat Intelligence and Risk analysis methodologies/techniques and the interpretation/application of their output in the definition of Security Architectures.
- Experience of working with, and ideally a certification in TOGAF, Zachman, or similar.
Should you be interested, please do not hesitate to contact Molly.Lamb@lafosse.com