Cyber Security Architecture, Strategy & Planning Lead

Job Description

Flexible location - hybrid working with regular attendance in the London SW1 office.If youre used to operating as an architect at enterprise and solution architecture level where theres been a clear focus on cyber security and are keen to further develop while being part of a unique restoration project in an amazing high profile environment,come and be part of our structure for success.The Houses of Parliament Restoration and Renewal (R&R) Programme is set to be the UKs biggest and most complex ever building renovation programme. Indeed, significant work is needed to protect and preserve this fascinating UNESCO World Heritage site andensure it can continue to serve as the home of the UK Parliament in the 21st Century. Accordingly, were looking for a cyber security professional to join us.The mission of our cyber security team will be to provide a good security posture against the shifting backdrop of cyber risks and threats. As Cyber Security Architecture, Strategy & Planning Lead, youll be responsible for translating enterprise and industry threats into a clear cyber security strategy and capability roadmap and developing a delivery plan thats prioritised againstthese threats. Youll also be responsible for leading and managing a Digital Assurance team, including Security and Information Risk Advisors, and ensuring they have access to education and training opportunities.Day-today, your focus will be on helping to manage cyber threats, requirements and governance for the enterprise. Youll also work with the Head of Strategy, Architecture and Planning and Enterprise Architecture team to develop and maintain enterprise cyberarchitecture models, artifacts and plans. Owning the enterprise cyber risk methodology and alignment to recognised industry standards will be your responsibility too, as will documenting cyber deployment patterns for reusable architectures (e.g., SaaS, PaaS,IaaS). Authoring technical standards for adoption by technical delivery teams, reviewing project artefacts to ensure consistent quality and contributing to, and maintaining, a Data and Digital Cyber Technology Security Strategythese are just some aspectsof this interesting, varied and vital role.To succeed, youll need a relevant track record that includes experience of building security capability roadmaps with investment justification traceable to quantifiable risks. Youll also need a proven ability to plan and prioritise a delivery portfolio forcyber capabilities as part of the enterprise-wide technology delivery plans. Familiarity with architecture frameworks such as SABSA or TOGAF is important too, as is an understanding of wide ranging IT eco-systems from a threat landscape and threat modellingperspective, the security complexities of large supply-chains and the use of Identity & Access solutions in this context.An expert in Microsoft cloud security technologies (Azure, M365, Sentinel), youre adept at using cloud security frameworks, benchmarks and threat modelling approaches, including NIST, NCSC, CIS, MITRE ATT&CK. Whats more, you have experience of the applicationof shared responsibility security models and are able to clearly articulate the different cyber security challenges of SaaS/PaaS/IaaS hosted services. Knowledge of cyber security and information assurance for central government, including HMG security accreditationprocesses is also required, as is expertise in modern cloud centric architectures, including familiarity with Zero Trust. You also understand the threats posed by Internet of Things/Operational Technology and Industrial Control Systems, and how these can bemitigated.Benefits include:

• 30 days holiday plus bank holidays
• Discretionary bonus
• Generous pension
• Life Assurance
• Payment of Professional fees
• Employee discounts in a variety of retail outlets.
• Cycle to work scheme
• Flexible working (minimum of 2 days per week office based)

We are committed to promoting diversity and to equal opportunities in employment. We are building diverse teams and seek to attract and retain talented individuals from a range of backgrounds and cultures to join us on this hugely challenging and importantproject.Please apply by submitting a CV and cover letter stating your current salary and benefits, your suitability for the role and if you believe you have any current or potential conflicts of interest relating to thisWe look forward to receiving your completed application by 12 noon on Monday 6th March 2023.Successful candidates will be required to complete security vetting to a CTC Security level obtained through the Parliamentary Security Department (PSD). Candidates are required to pass these checks before a start date can be confirmed. Applicants shouldalso be aware that, depending on the role applied for, if they have resided outside of the UK for a total of more than two of the last five years, they may not be eligible for vetting.About UsThe Palace of Westminster is home to one of the busiest and most historic parliamentary institutions in the world and is an enduring symbol of our national identity. As one of the top 5 most recognisable buildings in the world, the Palace is visited by millionsof tourists each year.The Houses of Parliament Restoration & Renewal Programme has been set up to tackle all the work necessary to protect and preserve this UNESCO World Heritage site. It will be the biggest renovation of an historic building ever undertaken in the UK.