Senior Security Architect

About the role

Cyber security is one of the defining topics of our age, and cyber risk represents one of the most significant strategic risks to PwC's clients. In a recent PwC survey it remains the top risk in the minds of CEOs globally, with 91% of UK CEOs rating it as a significant concern. Businesses are changing rapidly, facing disrupted supply chains, rapidly changing workforces and accelerating digital transformation on an unprecedented scale.

At PwC we help our clients transform, and our cyber security practice enables them to execute that transformation securely and to become more resilient to cyber security threats. Our cyber security practice operates nationally, and serves clients holistically with strategy, risk and governance advice, and with deep technical implementation and assurance expertise.

As one of the largest cyber security specialist consulting practices in the UK, we have over 250 practitioners who range from business risk advisors who work with CEOs, CFOs and boards, to transformation specialists who execute major change programmes, to deep technical SMEs who help clients implement controls to secure their businesses from attack, and support them to respond when an attack occurs.

Our practice is experiencing significant growth which is driven by demand from our clients for greater assistance in dealing with increasingly complex cyber security risks, and support in executing their change and growth agendas securely. We believe helping our clients gain confidence in their digital future is essential to their growth, and as a result our cyber security practice is one of the key growth priorities of our firm.

What your days will look like:

• The Senior Security Architect is responsible for leading the development of information security architecture and ensuring technology initiatives are implemented within the framework to make our client's organisations secure.
• They are accountable for securing enterprise information by identifying network and application security requirements, planning, implementing and testing security controls and procedures.
• The role is customer facing.
• Work closely with enterprise architects to identify and mitigate risks, perform security reviews, design top tier security practices, and deliver strategic, innovative security offerings.
• Propose, design, plan and execute strategic and tactical operational security objectives.
• Work with our clients' cloud/security architects to help design and implement appropriate cloud guardrails.
• Knowledge or experience in securing key SaaS platforms such as: Workday, SAP, Salesforce, Oracle etc.
• Perform deep analysis and develop metrics that measure current risk.
• Identify appropriate technology/data sources and drive the collection of data necessary to effectively evaluate threats.
• Communicate threat intelligence and vulnerability management options.
• Analysing threats and current security controls to identify gaps in current defensive posture.
• Meet with clients and lead workshops.
• Work directly with our alliance partners namely Microsoft, Google and AWS.

The role is for you if:

• The ideal candidate will have an ability to communicate security and risk-related concepts to key stakeholders along with experience with the following:
• Architecture and security management.
• Strong understanding of security best practices.
• Securing network and enterprise cloud applications.
• A good understanding of cloud well-architected frameworks across the main CSPs.
• Security frameworks, such as ISO/IEC 27001, NIST 800-53 or OWASP.
• Knowledge of host hardening, auditing, logging and monitoring, network security, SIEM deployments, security analytics, anomaly detections, PKI.
• Market understanding of industry trends for cybersecurity, risk & threat intelligence, and governance.
• Proven implementation of cloud security models, particularly identity, network, and encryption.
• Demonstrated understanding of Microsoft, Google or AWS security technologies and strategy.
• Program management skills and solution support for security transformation/implementation programs.
• Business case development skills for justifying, prioritising & forecasting the funding requirements for security programs and initiatives.

Your certifications may include:

• SABSA
• TOGAF
• FISSP
• CISM
• AZ-305: Microsoft Azure Expert or AZ-500: Microsoft Azure Security
• Google Professional Cloud Architect or Professional Cloud Security Engineer
• AWS Certified Solutions Architect
• Microsoft Mobility MCP Exam 98-368 or other relevant certifications.

To supplement the technical knowledge and project delivery experience, the successful candidate will come from a consulting background with good customer facing skills, the ability to gather customer requirements and produce high quality written deliverables. As a consultant, you must be willing to travel to our client locations as needed.

You likely have a Bachelor's Degree in computer science, computer engineering, management information systems, information technology, or a similar field. An equivalent combination of education and experience may substitute for a degree.

What you'll receive from us:

No matter where you may be in your career or personal life, our benefits are designed to add value and support, recognising and rewarding you fairly for your contributions. We offer a range of benefits including empowered flexibility and a working week split between office, home and client site; private medical cover and 24/7 access to a qualified virtual GP; six volunteering days a year and much more.