Information Security Architect in London

We are one of the largest international law firms in the world. With over 30 offices across the globe, we strive to exceed the expectations of our clients, providing them with the highest-quality advice and legal insight, which combines the firm’s global standards with in-depth local expertise. Our firm, work and people span jurisdictions, cultures, and languages. We offer our clients a truly international perspective. We believe every career should be rewarding and stimulating - full of opportunities to learn, thrive, and grow. That’s why we’re so proud of our inclusive, friendly, and team-based approach to work.

You’ll find our clients in commercial and industrial sectors, the financial investor community, governments, regulators, trade bodies, and not-for-profit organisations. We provide a world-class service every step of the way, thanks to an entrepreneurial spirit and conscientious approach to work across all teams. Whichever area of the business you join, you’ll become part of an innovative, diverse and ambitious team. Clifford Chance is a place where the brightest minds and the best of colleagues meet.

Working as part of the wider Security Architecture, Engineering and Resilience team, the Information Security Architect is the responsible authority with the requisite knowledge to work across a wide variety of portfolios, providing Information & Cyber Security domain expertise to help deliver strategic technical direction that can optimise enterprise outcomes. This role focuses on the implementation of Information and Cyber Security across multiple portfolios within the CC IT space. It is a key role in delivering Information & Cyber Security transformation and ensuring a secure and resilient end-to-end experience for users.

• Maintain a high-level holistic vision of Information Security within enterprise solutions and development initiatives.
• Build, contribute and maintain Information Security input to domain-level roadmaps, aligning to the firm’s core business capabilities in a secure manner and to longer-term security and business roadmaps.
• Architect, design, build and run Security services for the wider IT function including IoT, OT and IT (on-prem and cloud).
• Communicate strategic Information Security themes and other key business drivers to solution architects and non-technical stakeholders.
• Contribute an Information and Cyber Security perspective to wider architectural initiatives in the portfolio where applicable.
• Attend and participate in Data Governance Board project proposal reviews for data security and appropriate data use.
• Influence Information & Cyber Security best practices with regards to common modelling, design and coding practices, working with development teams to ensure security across the portfolio.
• Collect, generate and analyse innovative ideas and technologies applicable to the enterprise domain.
• Address Information Security innovation as part of the future of architecture.
• Synchronise system, data security and quality; production infrastructure; solution user experience governance; scalability and other non-functional requirements across solutions where applicable.
• Participate in Release Planning activities from an Information Security perspective.
• Work with aligned IT functions to assess security architectural requirements and engagement to fit demand.
• Maintain awareness of day-to-day Information Security architecture work and reflect feedback in roadmaps.

Your experience:

• Ideally, an Information Security professional with both technical design and engineering expertise across a range of technologies and a comprehensive knowledge of Information & Cyber Security frameworks and principles.
• Fully conversant with the Microsoft suite of tools (E5, DFC, Sentinel, Entra, Defender for IoT).
• Exposure to Endpoint, Data Protection, Threat Intelligence and Application Security technologies.
• Experience in creating architecture design documents, including HLDs and LLDs.
• Exposure to data privacy standards and implementations.
• Extensive senior stakeholder management skills.
• Able to work on multiple projects simultaneously and manage time effectively.
• Ability to work collaboratively with IT teams, legal professionals, and other stakeholders to ensure security measures align with business objectives.
• Excellent communicator with strong analytical and problem-solving skills.
• Knowledge of architecture frameworks such as The Open Group Architecture Framework (TOGAF) and the ability to develop and maintain personal architectural knowledge, skills and abilities.

• At least 10 years IT experience, five years in a senior engineering or security architecture role within a global organisation.
• Comprehensive knowledge of Information Security & Cyber Security domains, with architecture or engineering experience as an architect understanding framework requirements (NIST, Cyber Essentials, ISO27001).
• Experience in a global professional services or corporate environment (legal/finance/banking).
• Solid understanding of TOGAF, SABSA, BSIMM, NIST, ISO 27001, etc.
• Secure development principles for multiple delivery methods (Agile, Waterfall, etc.).
• Information Security Risk and Threat Management experience.
• Ability to champion Information Security Architecture principles at an enterprise level.
• Experience with Prince2, PMP, Lean & Agile tools (e.g., Agile Central or JIRA) is preferable.
• Experience developing IT roadmaps for business or technology areas.
• Experience working with diverse technologies and processing environments; adaptability to changing environments.
• Ability to build information and system resilience into architecture plans to meet business requirements.

Highly developed written and verbal communication skills, capable of producing global communications to varied audiences at all levels in both Practice Areas and Business Services. Excellent verbal and interpersonal communication skills; customer-facing interaction or consulting experience is a plus.

The ideal candidate will be CISSP certified or qualified, preferably with CISM.

At Clifford Chance, we place the client at the centre of everything we do. We seek people who are client-focused and motivated to exceed client expectations. We are looking for people who can demonstrate interest in understanding client priorities, are self-starters and team players, listen, question and deliver, are reliable and responsive, and demonstrate the highest level of ethics.

This role follows a balanced hybrid working approach; you will be supported to work in a hybrid way with a minimum expectation of 50% of time in the office.

We offer a broad range of benefits to support personal and professional life. For specifics in the UK, please visit our What We Offer page on our career site.

We are committed to treating all employees and applicants fairly and equally regardless of gender, gender identity, race, disability, religious belief, sexual orientation, age, or other attributes. We have employee networks and strive for equality of opportunity, aspiration and experience for everyone who works in our firm.