Security Architect

Permanent, Full Time

Up to £74,271 per annum

Location: Chelmsford

Working Style: Anywhere worker

Closing Date: 29th August 2022

Essex County Council (ECC) is one of the largest and most dynamic local authorities in the UK, serving a population of 2 million residents, and has a very successful track record of delivering transformational change. ECC anticipated change was needed in the public sector and has worked to deliver better quality at lower cost. We have an ambitious transformation agenda - one with the scope to reach every part of the council. We are changing the way we think, the way we work, and the ways in which we deliver our services.

The Security Architect is a key role, responsible for development of the Security Architecture that ensures the appropriate protection of all aspects of security, (people, electronic, data, physical) in technical development and delivery in support of the Council business objectives and requirements ensuring alignment and adhering to the principles of simplification, sharing and re-use.

Safeguarding Council data in an aggressive Cyber Security environment is an essential activity and the Post holder leads strategic collaboration with Senior Stakeholders in Directorates, Partner Organisations and Third-Party Suppliers to promote the Information Security Design aspects required in developing the ECC IT Strategy to exploit innovative products, services and solutions that deliver business and Citizen benefit.

The role will help drive a new modern way of delivering technology solutions required by ECC and the Service itself and be responsible for leading the Service into a modern technology landscape of continual change needed to operate in a cloud based digital and user-led organisation.

Accountabilities

• Responsible for the development, implementation, delivery and support of an enterprise information Security Architecture aligned to the strategic requirements of the Council.
• Responsible for ensuring compliance between business strategies and information security and leads the provision of information security resources expertise, guidance and systems necessary to execute strategic and operational plans across all of the organisation's information systems.
• Responsible for providing expert advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
• Leading the Delivery of security innovation to the advantage of the Council by capturing and prioritising market and environmental trends, business strategies and objectives, and identifying the business benefits of alternative strategies ensuring alignment to the Security Architecture.
• Leading assessment an approval of technical design to ensure Information Security Architectural conformance which ensures effective protection of Council data.
• Responsible for setting and maintaining Security Standards and Principles and ensuring they are correctly employed in all technical initiatives to ensure commonality of solutions design and implementation.
• Responsible for obtaining vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems to ensure appropriate protection of Council data.
• Leads the creation and review of a security capability strategy that meets the strategic requirements of the business.
• Leads collaboration and provides expert advice and guidance regarding security issues to Business Partners, Operational Teams and Suppliers to develop and present business cases, for high-level initiatives, approval, funding and prioritisation compliant with the Council Information Security Architecture.
• Specific individual and shared targets and objectives are defined annually within the performance management framework.

The Experience You Will Bring

• Educated to Degree level or equivalent in experience in a relevant subject.
• Able to demonstrate extensive experience in a Senior Security Architecture Role preferably working within a large Local Authority or with a Service Provider providing Public Sector Business Solutions and Architectural Services.
• Must demonstrate a track record of leading and working within effective teams delivering Security Solutions that have been proved successful in meeting complex business requirements and in enabling standardisation, simplification, sharing and re-use.
• Accredited to ISACA Certified Information Systems Security Professional (CISSP) or similar qualification such as Axelos RESILIA and must have demonstrable understanding and capability to employ supporting frameworks and methodologies such as TOGAF 9.2, ArchiMate, BPMN, COBIT and IT4IT.
• Able to demonstrate a clear understanding and capability to work within relevant ICT related standards including IITIL V3, ISO/IEC 38500, ISO/IEC 27001, ISO/IEC 22301, ISO/IEC 20000, PRINCE2 and MSP.
• Excellent written, verbal communication and presentational skills.
• Excellent customer service skills.
• Experience in the use of Enterprise Modelling tools and methods such as EA Sparx and Orbus iServer.
• Experience of developing systems in line with GDS and Cyber Security Group guidelines.
• Evidence of continual professional development to keep pace with technical and business change that meet defined SFIA V7 competencies.

Apply and next steps

Please apply via the Working for Essex website, ensuring you upload an up to date CV and supporting statement when prompted.