Company: Energy
Location: Buckinghamshire
Reports to Group CISO
Salary: £80,000 - £100,000
The Role
The Senior Information Security Architect will develop information security architecture and technology solutions to address the current and emerging information security and compliance requirements of the organization. Secures enterprise information by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; mentoring team members. This role covers security for both the IT and OT environments.
This role has one direct report.
Successful candidates will be required to achieve and maintain DV clearance.
Main Responsibilities
Reviews existing security architecture, identifies design gaps, and recommends security enhancements
Stays abreast of current and emerging security threats and designs security architecture to mitigate them
Stays abreast of emerging security technologies and integrates them into security architecture as needed
Ensures alignment between security architecture frameworks and standards and overall business strategy
Serves as an information security expert and trusted advisor to partners in IT and the business
Achieves security architecture regulatory compliance
Job requirements
Vocational Qualifications:
BS or MA in Computer Science, Information Security, or a related field (e.g., IT Audit, Enterprise Risk Management, etc.)
Certified Information Systems Security Professional (CISSP) or Global Information Assurance Certification (GIAC)
A relevant architecture qualification
Behavioural competencies:
An understanding of the impact of emerging business and end-user technologies have on information security requirements and architecture
An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
Demonstrated technical expertise in existing security and IT/OT systems and an ability to keep pace with changing security and IT and OT technologies
Strong interpersonal skills, with an emphasis on the ability to effectively influence others
A team-focused mentality with the proven ability to work effectively with diverse stakeholders
An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner
A sense of urgency to resolve security incidents and risks
Experience required:
Deep experience in information security, especially in a security architect role
Demonstrable experience of OT Security
Experience with regulatory compliance and information security management frameworks (e.g., IS027000, COBIT, NIST 800, etc.)
Specific knowhow and technical skills:
Network Security, Network Hardware Configuration, Network Protocols, Networking Standards, Supervision, Conceptual Skills, Decision Making, Informing Others, Functional and Technical Skills, Dependability, Information Security Policies