Head of Security Architecture and Engineering

You will be responsible for enhancing and leading the company's global Security Architecture and Engineering function. The function is responsible for ensuring that the design of business solutions meets security and compliance mandates.

This will report directly to the Chief Information Security Officer.

Key responsibilities

In this role, will be accountable for the definition, maintenance, and implementation of the security architecture in support of the business and technical architecture. The role is also accountable for ensuring that a Security by Design approach is taken with new programmes, projects, and major change initiatives to deliver security assured and compliant solutions. The successful individual will be able to identify emerging technical risks and associated remediation responses to anticipate and address avoidable security events and incidents. This will include network security, application security, cloud security and endpoint security.

Primary responsibilities include:

Security Architecture and Consulting

• Providing security subject matter expertise and consulting to all new initiatives to ensure positive security outcomes are delivered, including the early definition of security controls required, definition and implementation of clear secure development design principles and developing a Security Testing & Assurance capability
• Implementation and management of a stringent Secure Development Lifecycle programme, aligned to the orgnisation's project methodology, to ensure the effective security governance of the company's application portfolio.
• Ensure that relevant security policies are in place, reviewed and applied effectively.
• Participate in the architecture review board to provide guidance on the architecture and design of security solutions for applications or systems
• Lead the continuous identification of technical risks and threats to our network security provisions.
• Accountable for the definition, maintenance and implementation of network security controls and technologies.

Security Architecture and Engineering

• Providing input to the global security strategy & investment plan creation and maintenance.
• Lead the definition, review and implementation of the cloud security architecture and supporting controls to ensure that security is built into the design of our cloud technology and services.
• Identify opportunities to standardise and simplify our security technology stack by leveraging native cloud capabilities.
• Lead key security architecture and engineering transformation projects designed to enhance our current measures and protect them against key threats.
• Strong stakeholder engagement at all levels
• Review and improve hardening security standards for endpoints, server, Firewalls etc, to aligned with good practice.
• Enhance and implement endpoint protection and monitoring solutions.
• Review data egress and ingress points and identify opportunities enhance current controls and technologies to effectively protect and monitor data leaving the organisation.
• Ensure that data leakage protection measures are defined, designed, and implemented to minimise internal data leakage incidents

The ideal candidate will have the following experience and skills:

• 5+ years of technical security architecture and engineering experience in a global security function.
• 2+ years of experience in leading a global security architecture and engineering function.
• Expert-level knowledge of security principles and technologies.
• Experience designing and implementing security solutions with a specific focus on cloud solutions.
• A sound understanding of emerging threats and industry trends.
• Strong interpersonal, communication and influencing skills with the ability to operate and communicate effectively at all levels.
• Experience with cloud networking architecture and operations as well as security automation and orchestration.
• A sound understanding of Information Security Forum Standard of Good Practice (ISF SOGP). ISO/IEC 27001/2, NIST and OWASP Top 10.

Education

• A technical degree and/or industry recognised qualification and demonstrable experience in Information Security Management (eg CISSP, CISM or GIAC certification).
• Demonstrable experience in architecture and engineering principles (eg SABSA, TOGAF).