Who are we?

FirstGroup PLC is the largest rail operator in the UK and second largest bus operator in the UK outside London. FirstGroup operates services throughout the UK and Ireland, with over 30,000 employees providing services that make travel smoother and life easier. FirstGroup works hard to reduce its impact on the environment, introducing cleaner and more environmentally responsible methods of transport.

About the team

The Group Strategy and Architecture team's purpose is to define and govern delivery of the IT Strategy and the future architecture in support of the business strategies. The team defines initiatives and investment roadmaps that deliver value for IT investment, and looks ahead to assess technology innovation to accelerate strategy delivery.

The Group Cyber Security Operations and IS Compliance Team is responsible for protecting First businesses' digital assets, systems and data from cyber threats, ensuring compliance with the relevant regulations and standards.

We foster a collaborative environment where creativity and expertise thrive, allowing us to deliver exceptional solutions to our customers. 

About the job

We have an opportunity open for a highly skilled Security Architect to join our Group Strategy and Architecture team working very closely and in partnership with our Cyber and Information security team. 

Our role is only available if you hold or fulfil the criteria to obtain a UK Security Clearance.

Your main responsibilities will be:

  • The primary responsibility of this role is to lead the development and maintenance of the security architecture for the Group. Responsible for identifying potential security vulnerabilities in existing and/or new proposals and designing solutions to prevent or mitigate those vulnerabilities. The successful candidate will work very closely with the CISO and the Information security team.
  • A key part of the role is to complete security architecture assurance activities as a member of several Group IT Governance bodies governing programmes, projects and supplier activities, ensuring alignment to the business and technology strategies, corporate policies, mandatory regulatory requirements and ensuring that security technology investment delivers value for IT.
  • Defining and communicating a shared security technical and architectural vision across the group organisations. Developing enterprise security architecture roadmaps, including 'as is', 'to be' and transitional states.
  • Leading design effort and designing end-to-end security architectures, particularly to set up new security capabilities for the organisation (e.g., Pen testing service) and secure and simplify the technology state (e.g., HR systems consolidation, infrastructure modernisation, insourcing IT services).
  • Actively lead the design / provide strategic guidance in the design stages of projects and assure the development process for security architectures.
  • Help define the IT governance framework establishing architectural principles, policies and standards. Active member in architectural boards.
  • Making technical decisions regarding security solutions and designs, explaining how these decisions will impact the organisation, ensuring that multiple business teams, domain architects and suppliers are aligned to the delivery of the design.
  • Completing the impact assessment of proposed security of technology changes, providing recommendations, scope statements, engaging with suppliers to assess changes and providing cost and benefit models for the generation of business cases for change.
  • Performing technical audits on existing solutions, vendor capabilities and potential new ventures.
  • Help identify and structure technical security requirements and schedules in tenders and contracts to help consolidate suppliers, technologies, procure new services and tools. Taking an active role as required during the tender process to complete security architectural evaluation of bids.
  • Develop the architecture community, inspiring other architects, coaching and helping them and other IT teams understand how to meet organisational goals.

You'll need to be:

The ideal candidate will have in-depth experience in a wide range of security technologies and in key technologies in use by the organisation across. This individual will be able to understand the complexities of the organisation, processes, information, and technologies to design future-state security architectural solutions and roadmaps that best meet the organisational needs.

  • Passionate about cybersecurity and dedicated to staying ahead of evolving threats, staying up to date with the latest cyber threats, attack techniques, and security technologies to proactively identify potential risks and recommend appropriate countermeasures.
  • Proficient in conducting penetration tests and vulnerability assessments, with a strong understanding of common security vulnerabilities and attack vectors, as well as the ability to exploit and mitigate them.
  • Have strong knowledge of security technologies, intrusion detection/prevention systems, firewalls, antivirus, and vulnerability management tools.
  • Possess in-depth knowledge of network protocols, operating systems, and web technologies.
  • Strong communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and communicate complex security concepts to non-technical stakeholders.
  • Strong problem-solving and analytical skills, with the ability to think creatively and strategically to identify and address security risks.
  • Demonstrated ability to work independently and manage multiple projects simultaneously.

As a minimum, you will need to have:

  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • Academic excellence should be backed by sound and broad information security knowledge, relevant qualifications (e.g. CISSP, CISM, IISP/CCP, TOGAF, SABSA) and a track record delivering security solutions for large-scale infrastructure or integration programmes.
  • Proven background as a Security Architect at group/enterprise level, serving as a Security Architect in an organisation with at least an equivalent or greater scale than FirstGroup.
  • Familiarity with security frameworks and standards such as NIS CAF, NIST Cybersecurity Framework, ISO 27001, and CIS Controls.
  • Security Check (SC) vetting clearance is a conditional requirement of the role. Desirable if SC is already held.

About the location

Hybrid role. Our office is conveniently located in a vibrant and accessible urban setting, offering a blend of work-life balance and professional opportunities in the heart of the UK transport network.

Working pattern

This is a full-time position with flexibility in working hours to accommodate project requirements and team collaboration.

Additional Information

We are committed to fostering a diverse and inclusive workplace where every individual's unique talents and perspectives are valued. We offer ongoing training and development opportunities to support your professional growth and career advancement.

The Reward

In return for your expertise and dedication, we offer a competitive salary package, comprehensive benefits, and a rewarding work environment where your contributions make a meaningful impact on the safety and security of our transportation services.

Join us on this exciting journey to safeguard the future of transport security and be part of a team that is shaping the future of public transportation in the UK. Apply now and elevate your career to new heights with us!

We all belong at FirstGroup. FirstGroup's vision is to provide an inclusive environment for all colleagues, across its group of businesses, ensuring all candidates have an equal opportunity to access meaningful employment.

We value our differences such as age, gender, LGBTQIA+, ethnicity, religion, and disability. We maintain a zero tolerance towards any form of prejudice towards our colleagues, customers, and future talent.

We celebrate and encourage diversity of thought, progressive ways of working and seeing all our colleagues grow and thrive.

We review all roles and job descriptions to ensure they are accessible and, where possible, we support and provide flexible working options; we recommend that you refer to each vacancy description for further details.

If you require additional support to complete your application due to a disability or neurodivergent condition, for example, dyslexia, dyspraxia, or autism, please follow the links below. We encourage you to share any additional needs you may require so we can provide a fair and equal process for all who apply.

https://exceptionalindividuals.com/neurodiversity/

https://www.healthassured.org/blog/neurodiversity/

Confirmed 7 hours ago. Posted 30+ days ago.