enterprise information security architect

Job Description

At Places for People, we hire People, not numbers! If you like the sound of one of our jobs, please apply — you could be just who we're looking for! Experience and track record are important, but we're more interested in hiring someone who embodies our People Promises.

We seek someone who does the right thing, is enthusiastic and motivated to grow, believes in community spirit, is respectful, and enjoys their work. As the UK's leading Social Enterprise, we're dedicated to creating inclusive and thriving communities for both our customers and employees. So, what are you waiting for? Join a community that cares about you!

As part of the second line of defence, the Enterprise Information Security Architect provides expert oversight and strategic challenge to ensure the organisation's systems, services, and technology programmes are secure by design. This role acts as a trusted risk advisor to enterprise and solution architects, IT leaders, and change teams, ensuring that security, resilience, and data protection are embedded into architecture decisions from the outset.

It provides independent assurance that technology solutions align with organisational policies, risk appetite, and regulatory obligations, helping to reduce exposure and build long-term security maturity. The role involves shaping information security architecture, governance, supporting secure design patterns, and guiding the organisation towards consistent, risk-informed decision-making. The Essential Criteria for this role are listed below.

• Proven experience in providing independent security or architectural assurance across IT change, enterprise architecture, or transformation programmes.
• Strong understanding of secure-by-design and privacy-by-design principles, with the ability to challenge and guide design decisions against risk appetite.
• Demonstrable knowledge of cyber and information security risks, including data protection, cloud security, and control assurance in complex environments.
• Excellent stakeholder management and communication skills, with confidence to engage and influence architects, IT leadership, and governance forums.
• Relevant professional certification (e.g., TOGAF, SABSA, CISSP, CISM) or equivalent experience in enterprise or security architecture within a risk or GRC function.

You're a strategic thinker with a deep understanding of architecture, cyber, or information security, and you know that secure design is fundamental to building trust, resilience, and business value.

You're comfortable operating in the second line of defence, or a similar GRC function, and bring the confidence to challenge constructively, guide decision-making, and influence architectural outcomes. You excel at translating complex security risks into practical design principles and are comfortable navigating technical details, governance forums, and business conversations alike. You understand the importance of aligning technology decisions with risk appetite and regulatory expectations without blocking progress. Above all, you bring credibility, clarity, and a calm, professional presence to fast-paced environments. You see the bigger picture and are motivated by helping the organisation make safer, smarter decisions — by design.

We are a large, diverse, and ambitious business, offering all the challenge you could wish for. We also provide a comprehensive benefits package, including:

• Competitive salary, with yearly reviews
• Pension with matched contributions up to 7%
• Excellent holiday entitlement — up to 35 days including bank holidays, with options to buy or sell leave
• Cashback plan for healthcare costs — up to £500 savings per year
• Bonus scheme for all colleagues at 2%
• Training and development opportunities
• Extra perks such as discounts and offers from shops, cinemas, and more

If you meet the criteria and are ready to advance your career, click apply. You will be redirected to our careers site where you can learn more about the role, read the full job description, and apply directly.

If you are a Places for People customer seeking support with your application, please contact our skills and employment team at (email address removed). Recruitment agencies should note we operate a PSL and do not accept cold calls.

At Places for People, safeguarding is everyone's responsibility. We are committed to creating safe communities by protecting children, adults at risk, and vulnerable individuals from harm, abuse, and neglect. We follow robust safeguarding policies, including pre-employment checks such as DBS where applicable, to ensure a safe and secure working environment. By joining us, you are expected to contribute to our safeguarding culture, adhere to our policies, and report concerns to protect our communities.