Role Purpose
Senior hands-on secure engineer responsible for secure-by-design and operational security across the programme.
Validate every delivery activity from a cyber security perspective: from threat model at requirements capture, through architecture and design approval, build assurance, security testing, live validation, hyper-care, and operational handover to BAU and external assurance.
The principal authority on threat modelling, control validation, and security evidence across the CIS Controls v8.1 IG3 scope.
Key Responsibilities:
Operate as senior cyber architect and SME within the programme's structured operating model, actively engaged from requirements capture through to BAU handover, owning Definition-of-Done evidence at every gate.
Break down each Master Programme Plan activity into discrete People / Process / Technology tasks viewed through a cyber security lens: define the validation and assurance criteria, embed them as DoD acceptance criteria, and evidence them before status can advance.
Requirements: author threat model v1, control intent statement, and compensating controls; validate requirements against current operational baseline and monitoring posture.
Architecture (LEAD): author security architecture, safeguard mapping, and trust boundaries; approve the threat model; chair Security Council review of the architecture pack.
Design (LEAD): approve detailed security design, evidence template, and telemetry specification; validate operational controls in the design; confirm evidence-capture feasibility before build commences.
Build: run periodic build-vs-design reviews, architecture drift checks, and re-approve changes; configure operational controls, prepare security testing, support agent rollout, validate log feeds.
Test (LEAD): sign off that the security architecture is proven by test evidence; revalidate the threat model; lead security testing, penetration testing, control validation, and evidence pack creation.
Deploy: provide production architecture sign-off; confirm final control mapping in Continuous Control Monitoring (CCM); run live security validation, monitoring tuning, alert calibration, and IR playbook readiness.
Hyper-care (LEAD): address security-architecture defects, approve in-warranty changes; lead control monitoring and tuning; produce security evidence and establish Key Risk Indicator (KRI) baselines.
Handover: hand architecture over to the Security Council, lodge the final threat model, ensure the CCM tile goes live; transition operational controls to L1 SOC operations with a complete evidence pack to external assurance.
Liaise directly with external assurance providers on threat-model defensibility, control effectiveness, and evidence chain across the CIS Controls v8.1 IG3 scope.
Chair or jointly chair the Security Council review at the architecture stage gate; participate in TDA decisions at the design stage gate.
CIS Controls Deliverables
Threat model and control intent per in-scope safeguard, lodged with Security Council
Detailed security design + evidence template + telemetry specification at the design stage gate
Security testing pack + penetration test results + evidence pack at the test stage gate
Production security architecture sign-off + CCM mapping confirmation at deployment
KRI baselines and control-monitoring evidence at hyper-care
Final security architecture and threat model lodged with the Security Council at handover
External assurance evidence pack supporting each IG maturity gate (IG1 -> IG2 -> IG3 FINAL)
Definition-of-Done evidence at every stage gate from requirements through handover
Tech Stack Engagement
Threat modelling: STRIDE, MITRE ATT&CK, OWASP Threat Dragon, Microsoft Threat Modeling Tool
SIEM and log analytics: Microsoft Sentinel + Cribl + Elastic
Endpoint security: CrowdStrike + Defender Endpoint + Gem
Email & web security: Defender for O365 + Abnormal + Zscaler
Vulnerability management: Qualys + BMC Helix VR
Application security: Semgrep SAST + Snyk SCA + Burp Suite Enterprise + Akamai WAF
Operational cyber and GRC: BMC Helix SecOps + Remedyforce GRC
Penetration testing: Burp Suite Professional, Metasploit, Nmap, OWASP ZAP
Incident response playbook and runbook tooling
monday.com: programme operating-model tool used for the architect and SME tracks
People · Process · Technology Outcomes
People: Led security engineering across the programme; senior peer to Security Solution Architects, Cyber Operations, and the MSSP L1 SOC interface.
Process: Embedded structured operating-model discipline into every security validation and assurance step; Definition-of-Done evidence at every gate, no exceptions.
Technology: Delivered secure-by-design as built; personally signed off every architecture and operational handover, with an audit-traceable evidence chain from threat model to live monitoring.
Essential Experience & Skills
12+ years cyber engineering and security architecture experience at enterprise scale.
5+ years hands-on security design AND validation, comfortable both as architect (design authority) and as engineer (hands-on implementer).
Direct experience with CIS Controls v8.1, NIST CSF, ISO 27001 / 27002 control frameworks.
Threat modelling at scale: proven authorship using STRIDE, MITRE ATT&CK, and OWASP across multiple in-scope controls.
Hands-on penetration testing, security testing, and control validation track record.
Workflow discipline: operates comfortably within Definition-of-Done, evidence-at-gate frameworks.
Exceptional executive-level interaction, presentation, and engagement: proven ability to influence the CISO, Security Council, External Assurance, and cross-functional senior stakeholders across Procurement, Architecture, and Technology heads.
Retail or large dispersed-estate enterprise experience strongly preferred.
Tooling & Methodology Proficiency
Essential
Hands-on with leading enterprise PM tools (Jira, Azure DevOps, MS Project, monday.com, or equivalent) and willing to adopt monday.com (the programme's tool) on the job at senior architect and SME level.
End-to-end Agile delivery (Scrum / Kanban) combined with deep hands-on DevSecOps practice (security gates embedded in CI/CD).
SAFe PI Planning participation as the cyber security representative.
Executive-grade MS PowerPoint: Security Council paper authoring, threat-model presentation, design narrative for Programme Board.
Advanced dashboards and modelling (one or more of Advanced MS Excel, PowerBI, Python, or Copilot) for KRI baselines, control-effectiveness analytics, and risk reporting.
Budgeting awareness: security control cost shaping and total-cost-of-ownership analysis.
Desirable
Direct hands-on monday.com experience at senior architect / SME level.
Practical DevSecOps Foundation or SANS GIAC GCSA.
SABSA for Architects.
Microsoft Threat Modeling Tool / OWASP Threat Dragon authorship.
PowerBI Data Analyst (PL-300) for KRI and risk dashboards.
Certifications Essential
CISSP (Certified Information Systems Security Professional)
One of: CISM, CISA, CCSP, SABSA Practitioner, or CRISC
One penetration-testing certification: OSCP, GIAC GPEN, or CEH (or equivalent demonstrable experience)
Desirable
CompTIA CASP+ or PenTest+
GIAC GCIH, GCFA, GCIA, or GREM
AWS Security Specialty or Azure Security Engineer / Security Architect Expert
BMC Helix Certified Professional (SecOps)
ISO 27001 Lead Auditor or Lead Implementer
TOGAF 9.2 awareness
Key Competencies
Senior technical authority: credibility at architect and engineer level simultaneously
Security Council gravitas
Threat-modelling craftsmanship: STRIDE, MITRE ATT&CK, OWASP fluency
Workflow discipline: Definition-of-Done evidence at every gate is non-negotiable
Executive-level engagement with CISO, Security Council, External Assurance, and senior cross-functional stakeholders