Security Architect

Job summary

Are you passionate about Cyber security and looking for a role that allows you to make a significant impact? We have an exciting opportunity for a Security Architect to join our Cyber Security team at NHS Business Services Authority (NHSBSA). This key role involves defining security architecture for our services and systems as we grow and transform to support our business and customers better. You will be responsible for ensuring that our IT solutions fully exploit the opportunities that Digital Service and Data Analytics can provide in a secure way as we transform and develop how we provide services.

What do we offer?

  • 27 days leave (increasing with length of service) plus 8 bank holidays
  • Flexible working (we are happy to discuss options such as compressed hours)
  • Generous NHS Pension Scheme with 23.7% employer contribution
  • Hybrid working model (we are currently working largely remotely)
  • Career development
  • Active wellbeing and inclusion networks
  • NHS Car lease scheme
  • Access to a wide range of benefits and high street discounts!

Main duties of the job

As a Security Architect, you will work closely with NHSBSA business areas to understand and shape their security requirements, ensuring that customer data and other assets are secured. You will be accountable for the control of the IT Security Blueprints, which define the end state architecture, current state, and the transition roadmaps for the NHSBSA. This includes supporting the creation and execution of technology and service roadmaps that will drive our current IT estate towards cloud technology for strategic systems. You will also manage day to day security architecture queries, provide security advice to our technology teams and work closely with third-party providers to deliver IT services.

Responsibilities include providing security advice and key constraints to NHSBSA technology teams to ensure project deliveries remain aligned to the Blueprints and help to realise the roadmap. You will be actively involved in creating and maintaining IT requirements for procuring IT services and in the selection of third-party providers delivering IT services, working closely with them to provide solutions for the Business; however, some of the solutioning will be brought in-house.

The post holder will be required to work across the NHSBSA's locations and will therefore be required to undertake a degree of travel across the country.

About us

Here at the NHS Business Services Authority (NHSBSA), what we do matters.

We manage the NHS Pension scheme, process prescription payments and much more. Our services are used by NHS organisations, contractors and the public: we take pride in being part of something so meaningful, that touches millions of lives.

Just as we design our services around the needs of our customers, we place our people at the heart of our organisation. That's why when you join us, you'll be empowered and given the right support to help your career grow.

As one of the UK's Best Big Companies to work for, we're all connected to our values: Collaborative, Adventurous, Reliable and Energetic. We care about our people, our purpose, and your progress.

We strive to offer a fantastic colleague experience, where every voice is heard, and every colleague is supported and respected. Wellbeing, diversity and inclusion is at the centre of this, so when you join us, you can connect with our Lived Experience Networks who help us to bring our authentic selves to work.

We welcome applications from people of all backgrounds and circumstances. We are committed and proud to be a flexible employer and will endeavour to offer a working pattern that suits you wherever possible, whether that be hybrid working, flexible hours, job sharing and more.

Apply today and see where the NHSBSA can take you. We are people connected to care.

Job description

Job responsibilities

In this role, you will be responsible for:

Security Architecture/Operations

1. Providing security leadership in the development and delivery of the NHSBSA digital services, working with other technical architects and specialist SMEs, leading the design of the solution.
2. Working across/within different programmes and across different layers of architecture as needed and to translate business security requirements into IT services, solutions, investment and migration roadmap.
3. Take ownership of a particular area of the business service, project or programme IT security architecture and ensure consistency with the Enterprise Architecture, HMG Security Strategy, HMG Digital Strategy and DH Digital Strategy and provides input into IT Strategy.
4. Responsible for the security blueprint solutions for complex protective security of both physical and data assets clearly defining the as-is and to-be security architectures and document the transition to the to-be solution and its integration in the overall Enterprise and Security Architecture blueprints.
5. Present the security design solutions to NHSBSA Senior Management, project and programme teams, and where appropriate, external senior business stakeholders and be able to communicate and engage with a wide range of stakeholders to help shape and deliver IT change. Articulate to a professional standard, both complex security threats and the proposed technical solutions in clear, informative and accessible language, tailored as necessary for the intended audience.
6. Responsible to ensure the security solutions presented to architecture governance board within the programme pass architecture governance gates.
7. Ensure that the infrastructure security architectural design remains up to date and that obsolete elements are phased out of the architecture whilst ensuring business continuity and return on investment.

Staff Management

1. Management of staff including all line management responsibilities, performance management, appraisals, disciplinary, and standard HR processes.
2. Participates in the recruitment, interviewing and selection of staff as and when necessary.
3. Responsible for prioritising and planning own work whilst contributing to the team's work and providing input to the prioritisation of projects and programmes proposed and/or underway.

Knowledge Management

1. Research of the marketplace and constant awareness of industry trends and innovation using information to inform the ICT security strategy of the NHSBSA and as input to design activities.
2. To work with NHSBSA staff and Third Parties to ensure that security standards, governance and processes are in place for producing and maintaining up to date, comprehensive, comprehensible documentation which will include IT service security blueprints for all systems and services.

Relationship Management

1. Identify opportunities, engaging and fostering relationships and partnership working within the organisation, and with third parties, to identify and deliver value to the organisation.
2. Working across/within different programmes and across different layers of architecture as needed and to translate business security requirements into IT services and solutions.
3. Work with organisations external to the NHSBSA (e.g. the DH and GDS) when necessary to assist in clarifying their needs and requirements and be capable of devising options for security solutions, along with full assessment and cost estimation.

Information Management

1. Handles sensitive commercial & financial information, ensuring that the security solution architectural designs adhere to relevant legislation and standards including for example, Information Security, NHS Confidentiality and Data Protection legislation.
2. Implement, monitor and report on a number of areas including agreed service levels, KPIs and standards within security operations.
3. Monitor, report, present or escalate issues as appropriate to the Security Operations Manager.

Delivery Management

1. Operate as an SME and point of authority on security architecture, making credible, pragmatic and practical security decisions and communicate with sensitivity and diplomacy to ensure the right technical direction is followed and to guide the business to make the best use of its existing IT where appropriate and to make recommendation about what other IT assets it needs to invest in.
2. To demonstrate creativity and innovation in applying IT solutions and services to develop and improve services and quality for the benefit of the organization and/or the end user of technology services. This includes devising and managing security initiatives to enable exploitation of digital services, capacity, performance, and system availability improvements that ensure business targets are met or exceeded and legacy services decommissioned, whilst ensuring data security and controlled access to data.
3. Responsible for providing expert help and guidance across the lifecycle of a security solution implementation, including technical and non-technical aspects. This includes the migration of services across suppliers and working closely with Technical Architects ensuring the solution and service design is successfully translated, built, delivered and operated to meet security and business requirements.
4. To identify and interpret DH, GDS, local and national security policy changes and directives, and assess the impact on IT Infrastructure and surrounding processes, including influencing policy information within own security specialism.
5. Produce and deliver in depth reports and/or presentations to NHSBSA, HMG or DH stakeholders staff and external parties, on any aspect of the work delivered.
6. Promotes best practice in health, safety and security and ensures safe use of all IT systems and equipment.
7. Is aware of their own development requirements and actively seeks development opportunities for themselves and their team.
8. Responsible for promoting and supporting people's equality, diversity and rights.

Person Specification

Personal Qualities, Knowledge and Skills

Essential
  • Proven experience in developing and implementing security solution and enterprise architecture and design strategies in a multi supplier environment.
  • Proven ability to undertake detailed security analysis of technical designs and provide the business with security assurance of supplier designs and proposals.
  • Broad technical knowledge covering web applications and services, information, infrastructure, cloud and managed service architectures. Knowledge of GDS Principles.
  • Industry Recognised Qualifications e.g. CISSP, CISMP, CCP, HMG Information Standards, ISO Standards.
  • Knowledge, and ideally experience, of emerging security technologies to mainstream business, including: Cloud technology; Mobile devices and apps; Collaborative working tools.
  • Experience of effective stakeholder management.
Desirable
  • Enterprise architecture components and frameworks experience such as TOGAF, SABSA.
  • Recent and demonstrable Team and Line Management experience.

Experience

Essential
  • Complex system, information and security solution design.
  • Developing and implementing security solution and enterprise architecture and design strategies in a multi supplier environment.
  • Comprehensive and recent experience in architecting security solutions in high-volume digital services.
  • Demonstrate detailed understanding of the security implications and appropriate security controls of hosting sensitive information in large scale UK Cloud based cloud infrastructure environments.
  • Ability to demonstrate a deep knowledge of security and privacy risks and threats along with a strong understanding of key considerations such as confidentiality, availability, integrity, non-repudiation and privacy.
  • Working with HMG Information Assurance Standards and Good practice guides including the security policy framework.
Desirable
  • HMG Government Security GPG Guides.
  • Transition of legacy services into digital cloud-based solutions.
  • Team and Line Management, including staff development.

Qualifications

Essential
  • An IT related degree or equivalent.
  • Industry Recognised Qualifications e.g. CISSP, CISMP, CCP, ISO 27001 implementer.
  • plus, significant demonstrable experience in two of the following: IT Security Architecture, Working in a number of complementary security roles and/or System and Service Architecture Design
  • OR Significant demonstrable experience over a number of years in at least three of the following: IT Security Architecture, HMG Information Standards and best practice, Working in a number of complementary security roles, System and Service Architecture Design and/or Management of a significant ICT implementation
Desirable
  • TOGAF/SABSA Certification or equivalent, or willing to work towards this certification.
  • CESG Certified Professional (CCP) Senior IA Architect.
  • Experience of working in an agile environment and experience with agile methodologies such as Scrum, Kanban.
  • ITIL Certification.

Certificate of Sponsorship

Applications from job seekers who require current Skilled worker sponsorship to work in the UK are welcome and will be considered alongside all other applications. For further information visit the UK Visas and Immigration website.

From 6 April 2017, skilled worker applicants, applying for entry clearance into the UK, have had to present a criminal record certificate from each country they have resided continuously or cumulatively for 12 months or more in the past 10 years. Adult dependants (over 18 years old) are also subject to this requirement. Guidance can be found here: Criminal records checks for overseas applicants.

Employer details

Employer name

NHS Business Services Authority

Address

Stella House

Goldcrest way, Newburn Riverside

Newcastle Upon Tyne

NE15 8NY


Employer's website

https://www.nhsbsa.nhs.uk/what-we-do/work-us


Company
NHS Business Services Authority
Location
Newcastle Upon Tyne, United Kingdom NE15 8NY
Hybrid / WFH Options
Employment Type
Fixed-Term
Salary
£50952.00 - £57349.00 a year
Posted