Title: Senior Information Security Architect Data
Reference No: 2082
Location: London (Remote)
Reports to: Head of Information Security Architecture
Salary: £90,000 - £100,000
Benefits: Bonus + Generous Package
PURPOSE OF THE JOB:
Design and maintain modern and re-usable architectural patterns for the protection of data at rest, in motion and in use. Establish and apply information security guardrails and architectural blueprints, and enable their application by other teams, for data classification, data protection and data loss/leakage prevention enterprise-wide, both on premises and in the cloud. Support the adoption of the new patterns in strong collaboration and alignment with Information Security Architecture & Engineering leadership and other IT platform/platform enabling teams.
Dimensions: supervise 0-3 external cybersecurity SMEs, on-site or remotely; demonstrate leading expertise in 10+ global technical solutions used for data security; support security investments of up to $1 Mio/yearly.
Define and maintain a data security strategy including data protection (e.g., via encryption, tokenization, anonymization, etc.) and data loss/leakage prevention (DLP) across the global organization. Convert stakeholder security requirements (both technical and business process related) into conceptual blueprints, following industry standards/frameworks/best practices and taking into account risk vs. reward, budget constraints and potential integration or operational challenges.
Drive hands-on the execution of the data security strategy for the Company. Formalize (e.g., in the form of reference architectures, diagrams, guardrails, standard operating procedures, etc.) relevant data security principles and requirements that govern how to adequately protect its confidentiality, integrity and availability enterprise-wide.
Provide subject matter expertise across the organization in support of initiatives which may have an impact on the overall data security posture of the Company. Review existing and proposed data security measures and proactively recommend and support the adoption of practical enhancements in collaboration with the relevant IT platform/platform enabling teams.
Coordinate the research, evaluation, recommendation and implementation of new or updated data security technology solutions that will reduce cyber risk to the Company or otherwise increase performance, reliability, cost effectiveness or flexibility. Establish and maintain meaningful relationships with technology vendors and other business partners.
Provide expertise to 150+ colleagues in Information Security and other IT functions on matters such as applicable policies, standards, procedures and guidelines, efficient use of tools and technologies. Liaise with the wider IT Architecture community to ensure that data security principles are progressively embedded in day-to-day operations.
SKILLS AND COMPETENCIES
College/University Master degree in computer/data science, electronic/electric/telecommunication engineering or equivalent.
Professional certifications in Information Security or Cybersecurity (e.g. Certified Information Systems Security Professional, Certified Information Security Manager).
• Minimum 7 years of experience as a data security architect within a large organization
• Proven track record in the design and implementation of data security controls, ideally in a geographically dispersed and hybrid cloud environment
• Demonstrated experience with modern tools for enterprise-level data loss/leakage prevention (DLP), digital rights management (RMS), data encryption/tokenization and data discovery
• Familiarity with Microsoft and Hashicorp data security solutions (e.g., AD RMS, Azure RMS, Vault)
• Ability to lead and execute large, complex projects related to data security (e.g., introduction of a global DLP solution, replacement of a PKI environment)
• Considerable technical writing proficiency, oral presentation skills, problem solving and decision-making skills
Others: skills / function specifics:
• Experience in using architecture methodologies such as TOGAF
• Practical experience in Agile/DevOps organizations and cultures