- Signiifcant track record of experience in cyber security, with at least 5 years in security architecture including experience with public cloud and solutions in large enterprises.
- Experience in using architecture methodologies such as SABSA, Zachman, etc
- Experience in using industry recognised security standards, frameworks and regulatory requirements such as NIST CSF / RMF / 800-53, CSA CSM / STAR, PCI DSS, NCSC CAF, ISO.
- Experience designing and implementing security solutions across various platforms and environments.
- Proven track record of managing cybersecurity risks and designing risk mitigation strategies.
- Direct, hands-on experience or strong working knowledge of managing security infrastructure — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology.
- Experience securing CI/CD pipelines (e.g. DevSecOps).
- Experience or strong working knowledge of Security Platforms such as vulnerability management tools, security information and event management tools
- Documented experience and a strong working knowledge of the methodologies to conduct threat-modelling exercises on new applications and services.
- Strong working knowledge of full-stack IT infrastructure, IT service management, and Well Architected Framework best practices.
- Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP) / other Cloud Security certification
- Information Systems Security Architecture Professional (ISSAP)
- Information Systems Security Engineering Professional (ISSEP)
About us
Post Office is an integral part of every community, upheld by the dedication and service of our postmasters. In a world that's constantly evolving, we recognise the importance of adapting and growing. As we navigate the shifting landscapes of a digital age, our commitment to evolving is stronger than ever; without losing the essence of personal touch that defines us. Our journey forward is one of reflection, learning, and positive change.
Whilst there is much work to be done, we're looking for people ready to think differently in tackling the challenges ahead – people who possess resilience and a deep sense of responsibility towards our postmasters and the communities they serve. This mission drives us, ensuring that we remain focused on our purpose and strategic intent. If you're inspired by the prospect of making a meaningful difference and contributing to a future where Post Office can stand as a model of renewed progress and integrity, we want to hear from you. Join us on our journey in making Post Office a business that belongs to and serves everyone, shaping a new future legacy.
Career Opportunities: Head of Enterprise Security Architecture - London, United Kingdom - Post Office
Description
Summary
Salary: Competitive
Grade:Band 4
Reporting Line: Chief Information Security Officer
Contract Type: Permanent
Location: London/ Chesterfield Hybrid
Closing Date: 2nd May 2024
What to expect
As the Head of Enterprise Security Architecture who will be a key lead team member of the CISO Function. You will play a pivotal role in defining our security strategy and architecture.
Leading the development, implementation and maintenance of a comprehensive security architecture framework, methodologies, standards, patterns and compelling strategies and roadmaps with input from the business, architects, engineering, operations, third parties, and the industry to safeguard the company's assets, data, and technology infrastructure.
The ideal candidate combines leadership with a deep understanding of cybersecurity threats, technologies, and best practices.
The CISO Function is responsible for ensuring that the cyber resilience of the Post Office is commensurate with the threats it faces and developing an integrated and comprehensive security strategy and associated architecture is key to protecting the organization.
You will develop and maintain a Post Office-wide security architecture framework, methodologies, standards and patterns that adhere to compliance requirements and industry best practices and govern company-wide security practices.
Motivate and lead security architecture initiatives across the organization to ensure that solutions are architected securely and in line with the enterprise security architecture.
Drive the adoption of secure by design principles and secure coding practices throughout Post Office, working closely with development teams and architects
Collaborate with key Post Office Stakeholders e.g. Business, Architecture, Engineering, Operations, Industry and Vendors to understand their business goals, security requirements, and risk appetite, translating them into effective security architecture strategies and roadmaps
Conduct strategic security architecture assessments, identifying vulnerabilities, risks, and areas for improvement, and provide investment recommendations to Portfolio Heads and Business / Platform Owners for remediation
Facilitate business and IT alignment, connecting strategy to execution, through a collaborative, supportive and consultative manner, driving the Post Office's digital business strategies and balancing innovation CISO, CTO, CIO offices and business functions to effectively drive strategy and interlock future demand.
What we can do for you
Now, more than ever, we understand that attracting the right talent is pivotal in driving the positive change needed throughout our organisation. Beyond a competitive salary, we offer a comprehensive benefits package that includes:
27.5 days annual leave that increases with tenure
Up to 18% on target bonus opportunity
Generous pension contribution
Car Allowance
Life assurance
Full support from our employee assistance programme and access to our employee benefits platform
Ever-evolving learning and development opportunities
Our commitment to embracing diversity extends beyond just words. We actively foster an inclusive workplace that values the unique perspectives and contributions from all colleagues. We hold the belief that Equity, Diversity, and Inclusion are not just vital but fundamental to our success and growth. Our priority lies in shaping a business that mirrors the diverse communities we reach, truly making Post Office 'Everybody's Business'. As an equal opportunity employer, we value and celebrate the differences among our people, ensuring that our practices reflect our dedication to inclusivity and equal representation for all.