Senior Lead, Information Security Technology and Architecture

Reports To: Director of Information Security, Data Protection and Global IT Operations

Work Pattern: Hybrid/Remote with flexible working options available

Location: Any approved Save the Children International office location.

Required Time Zone: Any

Contract Length: Permanent

Grade: P6

Right to Work: The successful candidate must possess the unrestricted right to work in their current or preferred location for the duration of employment.

Language Requirements: English

International Travel: up to 5-10%

Remit: Global

Team purpose: The Cybersecurity and Information Assurance team is responsible for safeguarding the confidentiality, integrity, availability of all SCI’s information assets (data and systems). The team is responsible for identifying, assessing and managing cybersecurity and information risk and investigating and managing cybersecurity incidents and data breaches.

Role purpose: The Senior Lead, Security Architect will report directly to SCI’s Director of Information Security and Data Protection and will be responsible for developing security architecture and technology solutions to address the growing cybersecurity and compliance requirements of the organisation.

Principal Accountabilities:

• Accountable for leading SCI’s Security Architecture domain, including the ongoing oversight and evolution of the organisation’s security architecture.
• Perform an architecture and consultancy role for senior technical and business stakeholders to guide them in security related architectural and strategic matters.
• Develop security architecture and technology solutions to address the current and emerging security and compliance requirements of the organisation.
• Review SCIs existing security architecture, identifying design gaps, technical debt, vendor and platform evolution impacts, and recommending security enhancements.
• Ensure alignment between security architecture frameworks and standards with the organisation’s overall missions and objectives.
• Provide technical leadership in architecting end to end solutions that meet business needs while ensuring that the implementation is in-line with the architectural principles, industry best practices and extensible and scalable for future needs.
• Assist in the development of enterprise security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures.
• Contribute to and support the governance of security architecture through participation in the Enterprise Architecture Board and relevant governance forums.
• Proactively identify and manage technical risks/issues; assessing the security architecture against evolving threat patterns, vulnerabilities, and architectural changes.
• Maintain active awareness of industry best practices, emerging technologies, and threat landscape developments.
• Create and maintain architectural and design artefacts to ensure the up-to-date documentation for the relevant programs and projects is readily available.
• Business partner with stakeholders in the organisation to understand business requirements.
• Contribute to the evolution and planning of the enterprise architecture by ensuring solutions are developed in line with technology and security roadmaps.

Experience and Skills:

Essential:

• Proven ability to design end-to-end architecture solutions with strong business analysis/client‑facing skills.
• Security Architecture strategy and design and working effectively within application security.
• Demonstrable experience of Operational Security controls and regulatory compliance and information security management frameworks.
• Experience of securing cloud services (SaaS/PaaS/IaaS).
• Experience of threat modelling and/or attack surface analysis.
• Good knowledge of secure coding standards and best practices.
• Proven team leadership abilities with the ability to motivate and mobilise individuals outside their reporting line.
• Good communication skills (written & oral English).
• Experience in security architecture governance and lifecycle management.
• Familiarity with AI security considerations and governance frameworks.

Desirable:

• Experience in developing solution architectures for Azure.
• Cultural awareness and experience of delivering solutions internationally.
• Experience in working on Enterprise/ Business Architecture strategies.
• Experience of working within an agile project delivery environment.
• Understanding of application lifecycle management.
• Experience supporting secure adoption and governance of Artificial Intelligence technologies.
• Clear understanding of web services, SOA, CQRS, Messaging systems, distributed systems, file transfer protocols, and direct SQL interactions.
• Experience of configuration management/change management.

Education and Qualifications:

Essential: Degree or diploma in Computer Science / Business Technology / Cybersecurity / Information Security, or relevant experience.

Desirable: Hold a Cybersecurity Masters Degree or a recognised cybersecurity or information security certification.

Diversity, Equity and Inclusion and Equal Opportunities: DEI is core to our vision, values and global strategy. Save the Children is committed to creating a truly diverse, equitable and inclusive organisation. We are committed to equal employment opportunities, regardless of gender, sexual orientation, race, colour, ethnic origin, nationality, disability, marital or civil partnership status, gender reassignment, pregnancy and maternity, caring or parental responsibilities, age, or beliefs and religion. We are committed to diversifying our staff to better represent the communities we serve and actively welcome underrepresented groups to apply.