Information Security Architect at Save the Children

Role Purpose:

The new role of Information Security Architect will report directly to SCI’s Director of Information Security and Data Protection (Global CISO) and will be responsible for developing security architecture and technology solutions to address the growing cybersecurity and compliance requirements of the organisation.

Working alongside Security Operations and Information Assurance colleagues, as well as technical and business teams from across the wider organisation, you will be expected to review SCI’s existing information security architecture, identify design gaps and recommend appropriate enhancements.

This is a highly collaborative role that will require combining extensive technical knowledge with strong communication and facilitative skills.

EXPERIENCE AND SKILLS

Essential

• Proven ability to design end-to-end architecture solutions with strong business analysis/client-facing skills to engage a diverse stakeholder population
• Security Architecture strategy and design and working effectively within application security, including secure application development (security in SDLC phases) and architecture
• Demonstrable experience of Operational Security controls and regulatory compliance and information security management frameworks (e.g., IS027000, COBIT, NIST CSF, etc.)
• Experience in developing solution architectures for Azure including Azure / Entra AD, Azure SQL and Service Fabric.
• Experience of securing of cloud services (SaaS/PaaS/IaaS)
• Experience of threat modelling and / or attack surface analysis
• Good knowledge of secure coding standards and best practices (CERT/OWASP/SANS/WASC/MITRE) and understand the most appropriate cryptographic techniques and how they should be used by enterprise organisations
• Familiarity or experience of architectural frameworks such as TOGAF and Zachman
• Experience of configuration management / change management
• Clear understanding of web services (REST, SOAP), SOA, CQRS, Messaging (ESB) and distributed systems
• Possess a strong work ethic and take initiative and ownership to deliver business value
• Proven team leadership abilities with the ability to motivate and mobilise individuals outside their reporting line
• Good communication skills (written & oral English), including the ability to communicate and present both at a technical and non-technical level to stakeholders of all levels
• Ability to write high quality requirements / user stories when required

Desirable

• Cultural awareness and experience of delivering solutions internationally
• Experience in working on Enterprise/ Business Architecture strategies, roadmaps, business and technology capabilities and frameworks.
• Experience of working within an agile project delivery environment
• Understanding of application lifecycle management, the value of TDD and continuous integration