Head of Security Architecture in Reading

We’re looking for a Head of Security Architecture to be the strategic authority for security-by-design across Digital. Reporting to the Chief Information Security Officer, this role leads the definition, development and execution of our security architecture strategy, ensuring that all platforms, technologies and services are designed, delivered and operated securely.

As a key member of the Digital Extended Leadership Team, you’ll provide influential leadership on security risk, architectural direction and the secure enablement of our digital ambitions — balancing innovation with resilience in a complex, critical-infrastructure environment.

What you’ll be doing as the Head of Security Architecture

• Security Architecture Leadership
  • Own, define and continuously evolve the Security Architecture Strategy and its supporting frameworks.
  • Embed secure-by-design principles across Digital, ensuring security requirements are incorporated through delivery and into operations.
  • Lead the development, governance and optimisation of security controls across all programs, ensuring they are effective, measurable and aligned to recognised industry frameworks and regulatory expectations, which are in turn, mapped to internal Information Security Standards.
  • Oversee the integration of threat modelling, risk assessment and secure design principles into Digital programmes, projects and service lifecycles.
• Strategic Influence & Cross Digital Collaboration
  • Act as a senior strategic advisor within the Extended Leadership Team, advocating for security informed decision making and helping shape Digital’s technology direction.
  • Build strong relationships with Enterprise Architecture, Enterprise Security Architecture, Engineering, Delivery, Operations and business leaders to ensure security architecture is understood, adopted and aligned to organisational objectives.
  • Provide architectural steer and security assurance into major transformation initiatives, technology roadmaps, procurement activity and third-party engagements.
• Technology and Information Security and Standards
  • Ensure technical standards align to and address Information Security and Cyber requirements, controls and strategy.
  • Support and guide the development and maintenance of security architecture patterns, standards and reference models.
  • Support and guide the evaluation and selection of security technologies, ensuring they integrate effectively into the wider architecture landscape.
  • Ensure the organisation’s security architecture remains current with evolving threats, technologies and industry practices.
• Risk Management & Control Assurance
  • Oversee and enhance processes for risk-based architecture decision making, ensuring transparency and accountability across Digital.
  • Drive the assessment of control effectiveness and lead architectural strategies to address control gaps, vulnerabilities and emerging threats.
  • Partner closely with Information Security Governance, Cyber Operations, Security Engineering and other teams to provide holistic risk visibility across Digital services.
• Leadership & Team Development
  • Lead, mentor and inspire the security architecture team, cultivating technical excellence, critical thinking and a collaborative culture.
  • Demonstrate visible personal leadership, modelling the behaviours expected across Digital and championing a mature, business aligned security culture.
  • Build capability across Digital by promoting knowledge sharing, architectural consistency and secure design thinking.

Base location – Hybrid – Clear Water Court Reading

Working hours – 36 hours

Necessary requirements for the role – Security Clearance is required (must be completed prior to start date)

What you should bring to the role

• Proven leadership in security architecture within a complex enterprise environment
• Experience in critical infrastructure, utilities or the public sector
• Deep, holistic knowledge of cyber / information security
• Strong understanding of secure design, threat modelling, cloud and on-prem architectures, identity platforms
• Demonstrated ability to influence senior stakeholders and lead teams

Technical Skills

• Strong familiarity with frameworks such as NIST, ISO 27001, SABSA, TOGAF
• Broad experience across cyber security domains (e.g. IAM/IDAM)

Extra qualities that would be a great fit for our team:

• Experience working with vendors, procurement and contract management
• Experience supporting regulatory and compliance frameworks (e.g. SEMD, CAF)
• Relevant degree and certifications (CISSP, CISM, CCSP, SABSA, TOGAF)

What’s in it for you?

• Competitive salary of up to £105,000 per annum depending on experience
• Annual Leave - 26 days holiday per year increasing to 30 with the length of service (plus bank holidays)
• Car Allowance
• Performance-related pay plan directly linked to company performance measures and targets
• Generous Pension Scheme through AON
• Private Medical Health Care
• Access to lots of benefits to help you take care of you and your family’s health and wellbeing, and your finances – from annual health MOTs and access to physiotherapy and counselling, to Cycle to Work schemes, shopping vouchers and life assurance.

Who are we?

We’re the UK’s largest water and wastewater company, with more than 16 million customers relying on us every day to supply water for their taps and toilets. We want to build a better future for all, helping our customers, communities, people, and the planet to thrive.

Learn more about our purpose and values

Working at Thames Water

Thames Water is a unique, rewarding, and diverse place to work, where every day you can make a difference, yet no day is the same. As part of our family, you’ll enjoy meaningful career opportunities, flexible working arrangements and excellent benefits.

If you’re looking for a sustainable and successful career where you can make a daily difference to millions of people’s lives while helping to protect the world of water for future generations, we’ll be here to support you every step of the way. Together, we can build a better future for our customers, our region, and our planet.

Real purpose, real support, real opportunities. Come and join the Thames Water family.

Why choose us?

We’re committed to being a great, diverse, and inclusive place to work. We welcome applications from everyone and want to ensure you feel supported throughout the recruitment process. If you need any adjustments, whether that’s extra time, accessible formats, or anything else just let us know, we’re here to help and support.

When a crisis happens, we all rally around to support our customers. As part of Team Thames, you’ll have the opportunity to sign up to support our customers on the frontline as an ambassador. Full training will be given for what is undoubtedly an incredibly rewarding experience.