Cyber Security Architect

Remote or London

Based in London, my client are a prestigious Professional services organisation boasting a workplace with cutting-edge people that is moving with the modern ways of working. Named as one of the leading professional services organisations places to work for 3 times in a row, the work environment attracts a seasoned professional who wants to be part of the best of breed.

• Working as part of the wider Security Architecture, Engineering and Resilience team, The Information Security Architect is the responsible authority with the requisite knowledge to work across a wide variety of portfolios providing Information & Cyber Security domain expertise and skills to help provide strategic technical direction that can optimise enterprise outcomes.
• This role focuses on the implementation of Information and Cyber Security across multiple portfolios.
• It is a key role in delivering Information & Cyber Security transformation and helping to ensure that the end vision is being delivered in a secure and resilient way while focusing on the overall experience to the users.

• Maintain a high-level holistic vision of Information Security within enterprise solutions and development initiatives.
• Build, contribute and maintain Information Security input to domain level roadmaps by demonstrating how they deliver the firm's core business capabilities in a secure manner and align to longer term strategic security and business roadmaps.
• Architect, Design, Build and Run Security services for the wider IT function including IoT, OT and IT (on prem and cloud)
• Understand and communicate strategic Information Security themes and other key business drivers for architecture to solution architects and non-technical stakeholders.
• Contribute an Information and Cyber Security perspective to wider architectural initiatives in the portfolio where applicable.
• Attend and participate in Data Governance Board project proposal reviews for use of data to ensure appropriate security and data use.
• Influence Information & Cyber Security best practices with regards to common modelling, design and coding practices, working closely with our application development teams and technical leads to ensure security across the portfolio.
• Collect, generate and analyse innovative ideas and technologies that are applicable to the enterprise in this domain.
• Address Information Security innovation as part of the future of architecture.
• Synchronise the following across solutions whenever applicable:
• System, data security and quality;
• Production infrastructure;
• Solution User experience governance;
• Scalability, performance and other non-functional requirements.
• Participate in Release Planning activities from an Information Security Perspective.
• Work with aligned IT functions to asses security architectural requirements and engagement to fit demand
• Keep in touch with the reality of the day-to-day Information Security architecture work, listening to the feedback and issues raised by the domain teams to consider and reflect in the roadmaps.

You will have a comprehensive knowledge of all Information Security & Cyber Security domains. Your Architecture or engineering experience must be clearly demonstrable and will have worked as an architect and understand the requirements of architecture frameworks and Information & Cyber Security frameworks such as NIST, Cyber Essentials and ISO27001.

• Previous experience of working for a global professional service environment or corporate organisation such as legal/finance/banking.
• Solid understanding of multiple architecture and security tools, techniques and frameworks TOGAF, SABSA, BSIMM, NIST, ISO 27001 etc.
• Solid understanding of secure development principles for multiple delivery methods, Agile, Waterfall etc.
• Practical experience of Information Security Risk Management and Threat Management.
• The ability to champion Information Security Architecture principles at an enterprise level.
• Practical experience of working with Prince2, PMP, Lean & Agile delivery tools such as Agile Central (or other similar tools e.g. JIRA) is preferable
• Experience of developing IT roadmaps for specific business or technology areas.
• Experience of working with multiple, diverse technologies and processing environments.
• Adaptability to adapt security architecture plans to a variety of rapidly changing environments.
• Ability to building information and system resilience into every architecture plan or system to meet business requirements.
• Ideally, an Information Security professional with both technical design and engineering expertise in a range of technologies as well as comprehensive knowledge set of Information & Cyber Security frameworks and principles.
• Fully conversant with the Microsoft suite of tools (E5, DFC, Sentinel, Entra, Defender for IoT)
• Should have exposure to Endpoint, Data Protection, Threat Intelligence and Application Security technologies
• Experience in creating architecture design documents, including HLDs and LLDs
• Exposure to data privacy standards and implementations
• Extensive senior stakeholder management skills.
• Able to work on multiple projects simultaneously and manage their time effectively

• Highly developed written and verbal communication skills, capable of producing global and sensitive communications to a varied audience at all levels in both Practice Areas and Business Services.
• Excellent verbal and interpersonal communications skills – some form of customer-facing interaction or consulting experience is a plus.

• The ideal candidate will be Certified Information Systems Security Professional (CISSP) or qualified, preferably with either Certified Information Security Manager (CISM).