Lead Security Architect

Lead Security Architect

Freelance 70000 - 90000 £ / year (est.) Home office (partial)
Alexander Mann Solutions - Public Sector Resourcing

At a Glance

  • Tasks: Lead the development of security architecture and processes for HS2's systems.
  • Company: Join HS2, a pioneering project transforming transport in the UK.
  • Benefits: Hybrid working, competitive pay, and opportunities for professional growth.
  • Other info: Promote diversity and inclusion while working in a dynamic environment.
  • Why this job: Make a real impact on security architecture in a groundbreaking project.
  • Qualifications: Experience in security architecture and governance, with strong communication skills.

The predicted salary is between 70000 - 90000 £ per year.

On behalf of HS2, we are looking for a Lead Security Architect (Inside IR35) for a 6 Month hybrid contract up to 3 days per week based in Birmingham.

Job purpose

The Lead Security Architect is responsible for leading the development of security architecture and processes to embed the strategic application of security-related change across HS2's systems and solutions. The role owns the security domain architecture and oversees the design of HS2 security systems, setting appropriate design guardrails, standards, and policies to guide the development and implementation of products and platforms across HS2.

Role of Directorate and Capability

IT sits within the CFO Directorate, playing an essential role in daily operations and success of the programme. The department provides technical leadership, advisory and delivery of IT services across HS2 Ltd, enabling the delivery of HS2's mission.

Accountabilities/Responsibilities

  • Develop and implement enterprise-wide security architecture policies, patterns, processes and guardrails to embed the strategic application of change to ensure resilience of HS2-wide systems and solutions.
  • Establish and manage the Security Architecture practice and capabilities across HS2, leading knowledge sharing and skills development efforts and driving consistency across HS2.
  • Oversee the design of HS2 security systems, setting appropriate design guardrails, standards, and policies, balancing functional and non-functional requirements, and managing associated risks.
  • Set strategies, policies, standards and practices to ensure compliance and alignment between business strategies, technology strategies, and security activities.
  • Lead definition and continued maturity of Security Architecture frameworks which aligns to wider enterprise-wide architecture.
  • Capture and prioritise market and environmental trends that impact security, identifying business benefits of alternative security strategies.
  • Support the development of HS2 IT's information security strategy, ensuring that it aligns with wider Enterprise Architecture standards and HS2 IT objectives.
  • Build strategic relationships with external stakeholders to understand security requirements and pain-points.
  • Support the development of wider security roadmaps that provide proactive capabilities which enable business objectives.
  • Actively promote and embed Equality Diversity and Inclusion (EDI) in all your work, and support and comply with all organisational initiatives, policies and procedures on EDI.

Skills:

  • Security and Enterprise-wide architecture.
  • Ability to develop a security architecture and support the development of a future state architecture aligned to strategy.
  • Ability to support the translation of business drivers, goals and constraints into business objectives.
  • Governance and assurance.
  • Ability to evolve and define governance and take responsibility for working with other stakeholders across HS2's wider governance structure.
  • Assure standards, guardrails and principles to effectively govern delivery.
  • Problem definition and shaping.
  • Ability to define security-related strategies and policies, providing guidance to others on working within a strategic context.
  • Agile working.
  • Ability to coach and lead teams in Agile and Lean practices.
  • Stakeholder communication.
  • Ability to communicate with stakeholders at all levels and manage stakeholder expectations.
  • Emerging technology monitoring.
  • Ability to identify and assess new and emerging technologies, products, services, methods and techniques.

Knowledge:

  • Knowledge of IT Security Frameworks, methodologies, and best practice/guidance such as NCSC standards.
  • Secure by Design Principles.
  • Familiarity with ISO 27001 and Cyber Essentials Plus.
  • Knowledge of agile methods and their implications for Security Architecture.
  • Knowledge of architecture principles, patterns, and their application within an organisation.

Type of Experience:

  • Experience across industry frameworks and best practices (eg, NCSC CAF, CIS CSC, etc.).
  • Experience of supporting design for complex solutions including risks and remedies.
  • Experience of overseeing high-level designs for major solutions, managing design requirements, and maintaining an audit trial for a design control process.
  • Experience of defining complex technical models and communicating technical models clearly to stakeholders at all levels.
  • Experience of successfully applying Security Architecture methods and approaches to complex scenarios.
  • Experience working in a multi-vendor environment.
  • Experience working with system architectures, displaying a strong understanding of the impact of vulnerabilities on varied systems.

Please be aware that this role can only be worked within the UK and not Overseas.

Disability Confident

As a member of the Disability Confident Scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. This scheme encourages candidates with a disability and/or neurodivergence to apply.

In applying for this role, you acknowledge the following: this role falls in scope of the Off Payroll Working in the Public Sector legislation. Any rates of payment quoted will reflect the gross rate per day for the assignment and will be subject to appropriate taxes and statutory costs. As such the payment to the intermediary and your income resulting from this contract will be different.

Lead Security Architect employer: Alexander Mann Solutions - Public Sector Resourcing

HS2 is an exceptional employer, offering a dynamic work environment in Birmingham that fosters innovation and collaboration. With a strong commitment to employee growth, HS2 provides opportunities for professional development and encourages a culture of inclusivity and diversity. The hybrid working model allows for flexibility, making it an ideal place for those seeking meaningful and rewarding employment in the field of security architecture.

Alexander Mann Solutions - Public Sector Resourcing

Contact Details:

Alexander Mann Solutions - Public Sector Resourcing Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Lead Security Architect

Get Active on Cybersecurity Forums

Join platforms like Stack Exchange and Reddit’s r/cybersecurity to hang out with industry pros, learn the latest, and share your insights. This will not only boost your visibility but also help you connect with potential clients who might need your freelance services.

Show Off Your Skills with Public Projects

Create a few open-source projects or contribute to existing ones that showcase your cybersecurity skills. Use GitHub to display your work, as this is an excellent way to attract clients looking for freelancers with a proven track record.

Attend Local Conferences and Meetups

Make sure to hit up cybersecurity meetups, workshops, and conferences in your area. These events are goldmines for networking, and you’ll often find people looking for freelancers after a chat over a coffee – so come prepared with your business cards and a killer elevator pitch!

Market Yourself Smartly

Set up a professional website that showcases your portfolio, expertise, and client testimonials. Optimise it for SEO with relevant keywords so potential clients searching for cybersecurity freelancers can easily find you. Don’t forget to link to your site on all your social media and profiles!

We think you need these skills to ace Lead Security Architect

Security Architecture
Enterprise-wide Architecture
Governance and Assurance
Agile Methodologies
Stakeholder Communication
Emerging Technology Monitoring
IT Security Frameworks

Some tips for your application 🫡

Show Your Skills Through a Strong Portfolio:Since you're applying for a freelance role in cybersecurity, it's crucial to showcase your technical skills through a detailed portfolio. Include case studies of projects you've worked on, any security tools you've developed or assessed, and specifics on the methodologies you’ve used. This will help Alexander Mann Solutions - Public Sector Resourcing understand what you're capable of.

Certifications Matter!:Make sure to list any relevant certifications you hold, such as CISSP, CEH, or CompTIA Security+. Freelance clients often value these credentials as they reflect your expertise and commitment to the field. If you’re actively pursuing more certifications, don’t hesitate to mention that too!

Rates, Availability, and Your Work Style:In your application, it’s essential to be clear about your freelance rates and availability. Clients appreciate transparency. Mention how many hours a week you can dedicate and your preferred working hours, as this sets expectations from the start and shows you're organised and professional.

Tailor Your CV to Highlight Cybersecurity Experience:When crafting your CV, make sure to tailor it specifically to cybersecurity. Highlight projects, tasks, and achievements related to security assessments, vulnerabilities you've mitigated, or compliance work you've undertaken. Keywords relevant to the job can grab attention and increase your chances of landing a spot at Alexander Mann Solutions - Public Sector Resourcing.

How to prepare for a job interview at Alexander Mann Solutions - Public Sector Resourcing

Showcase Your Cybersecurity Skills

As a freelancer in cybersecurity, it’s crucial we demonstrate not just our knowledge but our practical skills too. Be ready to discuss specific tools you’ve used, like Wireshark or Metasploit, and share relevant experiences where you identified vulnerabilities or mitigated risks in past projects.

Prepare Your Portfolio

Unlike traditional roles, freelancing relies heavily on your portfolio. Let’s curate a selection of past work that showcases our best projects. If we’ve handled penetration tests, audits, or incident responses, be sure to highlight these in your portfolio, and share any client testimonials if we have them.

Stay Updated on Trends and Tools

Cybersecurity is an ever-evolving field, so we should be prepared to chat about recent developments and how they impact our work. Familiarise ourselves with the latest threats, tools, and frameworks, like MITRE ATT&CK, that are pertinent to the projects we’re pitching.

Pitching Your Value as a Freelancer

When freelancing, we often need to negotiate our rates and value propositions. Be ready to explain how our skills can help Alexander Mann Solutions - Public Sector Resourcing protect their assets and manage risks. It can help to outline some potential strategies or improvements we could implement for them based on their current setup.