Security Technical Architect
When it comes to innovation and achievement there are few organisations with a better track record. Join us and you’ll be able to play a big part in the success of our highly successful, fast-paced business that opens up Europe so people can exercise their get-up-and-go. With over 250 aircraft flying over 700 routes to more than 30 countries, we’re the UK’s largest airline, the fourth largest in Europe and the tenth largest in the world. Flying over 70 million passengers a year, we employ over 10,000 people. Its big-scale stuff and we’re still growing.
The security technical architect will provide technical subject matter expertise, security standards and define security tools, systems and solutions.
- Work closely with enterprise architects, solution architects, technical architects and other senior IT designers to ensure services are ‘Secure by Design’.
- Produce and maintain architecture documentation for security platforms – SAB and LLDs.
- Responsible for defining security platforms, tools, systems and solutions to deliver against the InfoSec Strategy and Programme, aligned to IT strategy and security standards.
- Ownership of the full lifecycle of security technologies, systems and / or platforms are within their speciality domain.
- Participate in delivering change and participating in associated ongoing run, support & maintenance.
- Provide IT teams with security focused technical consultancy to ensure compliance with security policies, standards and regulations.
- Contribute to/and implement strategies for embedding relevant security policies and security technical standards in projects and services.
- Providing technical oversight and review of designs being primarily defined by developers / engineers in their area of speciality.
- Providing overall solution leadership on solutions that are largely contained to their systems / platforms but cannot be delegated to developers / engineers due to risk factors.
- Work with other technical architects to provide a quorum that shares overall accountability for a solution straddling their respective systems / platforms.
- Work with solution architects and other technical architects, leading on a part of a broader end-to-end solution.
- Define (and where necessary deliver against) standards for technical design materials, both high-level and detailed.
- Retain a working knowledge of related security technical areas such as; application, network and host, to enable effective liaison with other technical groups and protection of company information.
- Produce and disseminate management information in relation to security technical architecture, technical assurance of projects and all associated solutions.
- Act as a security domain specialist and contribute to level 3 support for systems / platforms where needed, with a particular emphasis on problem management & resolution in addition to incident management.
In line with the Competency Framework for job family M&P (Management & Professional) which cover:
- Ownership and Delivery. Has a clear focus to deliver results, working to targets, reviewing progress and adapting their plans accordingly, motivating themselves/the team to achieve.
- Business Performance. Understands business and external environment, is cost conscious and understands the longer term perspective and implications of decisions.
- Innovation and Change. Is open to new ways of doing things and questions existing approaches, views change as an opportunity, comfortable working in a dynamic and ambiguous environment.
- Building Relationships. Expresses ideas confidently and clearly, builds positive and constructive relationships with others, gets to know colleagues within their own team and supports them to ensure team goals are achieved.
Requirements of the Role
- The jobholder must have a thorough understanding of the security threat landscape, significant risks, technical developments and directions.
- Strong interpersonal skills are essential, as the jobholder must be able to operate effectively at all levels within and outside of the company.
- Demonstrable experience of working in a security architecture team.
- Depth of experience in IT Technical Security, including time as a security senior practitioner.
- Experience of security systems and controls, including, vulnerability management, web content filtering, intrusion prevention, SIEM, email security,, DLP, NAC, IAM, O365, AWS, SDLC and Web Application Firewalls.
- Ability to harness the commitment and contribution of team members outside of direct span of control.
- Excellent written and oral communication skills.
- Ability to conduct research into security technical platforms and evaluate capabilities.
- Ability to effectively prioritise and execute tasks in a high-pressure environment.
- A Self Starter with the ability to lead and drive change through an organisation.
- Ability to build strong relationships and influence decisions with internal and external stakeholders.
- Familiarity with patterns, practices and frameworks of Enterprise Architecture.
- Be a business-focussed, creative, innovative pragmatic and positive team player.
One or more of the following qualifications are highly desirable.
- Masters in Information Security (MSc).
- Certified Information Systems Security Professional (CISSP).
- TOGAF Certified.
- Certified Information Security Architecture Professional (CISSP-ISSAP).
- Certified Secure Software Lifecycle Professional (CSSLP).
- Certified Cloud Security Professional (CCSP).
- Vendor technology certifications e.g. AWS Security.
If you are interested in finding out more about this opportunity or would like to apply then please contact Jonny Duggan on 01908 886 038 or email firstname.lastname@example.org.