AMS PSR

On behalf of HS2, we are looking for a Lead Security Architect (Inside IR35) for a 6 Month hybrid contract up to 2 days per week based in Birmingham.

Job purpose

The Lead Security Architect is responsible for leading the development of security architecture and processes to embed the strategic application of security-related change across HS2’s systems and solutions.

The role owns the security domain architecture and oversees the design of HS2 security systems, setting appropriate design guardrails, standards, and policies to guide the development and implementation of products and platforms across HS2.

Role of Directorate and Capability 

IT sits within the CFO Directorate, playing an essential role in daily operations and success of the programme. The department provides technical leadership, advisory and delivery of IT services across HS2 Ltd, enabling the delivery of HS2’s mission.

Accountabilities/Responsibilities 

• Develop and implement enterprise-wide security architecture policies, patterns, processes and guardrails to embed the strategic application of change to ensure resilience of HS2-wide systems and solutions.
• Establish and manage the Security Architecture practice and capabilities across HS2, leading knowledge sharing and skills development efforts and driving consistency across HS2
• Oversee the design of HS2 security systems, setting appropriate design guardrails, standards, and policies, balancing functional and non-functional requirements, and managing associated risks.
• Set strategies, policies, standards and practices to ensure compliance and alignment between business strategies, technology strategies, and security activities.
• Lead definition and continued maturity of Security Architecture frameworks which aligns to wider enterprise-wide architecture.
• Capture and prioritise market and environmental trends that impact security, identifying business benefits of alternative security strategies.
• Support the development of HS2 IT’s information security strategy, ensuring that it aligns with wider Enterprise Architecture standards and HS2 IT objectives.
• Build strategic relationships with external stakeholders to understand security requirements and pain-points.
• Support the development of wider security roadmaps that provide proactive capabilities which enable business objectives.
• Actively promote and embed Equality Diversity and Inclusion (EDI) in all your work, and support and comply with all organisational initiatives, policies and procedures on EDI.

Skills: 

• Security and Enterprise-wide architecture. Ability to develop a security architecture and support the development of a future state architecture aligned to strategy. Ability to support the translation of business drivers, goals and constraints into business objectives
• Governance and assurance. Ability to evolve and define governance and take responsibility for working with other stakeholders across HS2’s wider governance structure. Assure standards, guardrails and principles to effectively govern delivery
• Problem definition and shaping. Ability to define security-related strategies and policies, providing guidance to others on working within a strategic context.
• Agile working. Ability to coach and lead teams in Agile and Lean practices
• Stakeholder communication. Ability to communicate with stakeholders at all levels and manage stakeholder expectations
• Emerging technology monitoring. Ability to identify and assess new and emerging technologies, products, services, methods and techniques

Knowledge: 

• Knowledge of IT Security Frameworks, methodologies, and best practice / guidance such as NCSC standards
• Secure by Design Principles
• Familiarity with ISO 27001 and Cyber Essentials Plus
• Knowledge of agile methods and their implications for Security Architecture
• Knowledge of architecture principles, patterns, and their application within an organisation

Type of Experience: 

• Experience across industry frameworks and best practices (E.g., NCSC CAF, CIS CSC, etc.)
• Experience of supporting design for complex solutions including risks and remedies
• Experience of overseeing high-level designs for major solutions, managing design requirements, and maintaining an audit trial for a design control process
• Experience of defining complex technical models and communicating technical models clearly to stakeholders at all levels.
• Experience of successfully applying Security Architecture methods and approaches to complex scenarios.
• Experience working in a multi-vendor environment.
• Experience working with system architectures, displaying a strong understanding of the impact of vulnerabilities on varied systems

Please be aware that this role can only be worked within the UK and not Overseas.

Disability Confident 

As a member of the Disability Confident Scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply.

In applying for this role, you acknowledge the following "this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different".