Senior Security Architect

Posted 3 days 4 hours ago by Pertemps

Permanent
Full Time
Other
England, United Kingdom
Job Description
Overview

As the Senior Security Architect, you will be a key part of the Information Security team, focused on developing, implementing, and governing robust security architecture strategies and patterns across Thames Water. This role will support our mission to protect systems, data, and operations from cyber threats by enabling secure-by-design practices across all digital initiatives. Reporting to the Head of Security Architecture, you will work with key stakeholders across Thames Water to ensure new and existing technology capabilities are designed and delivered with the necessary, appropriate and proportionate security measures. This role requires deep technical expertise, strategic thinking, and strong leadership in embedding cybersecurity into the digital transformation journey.

What you'll be doing
  • Security Architecture Strategy: Assist in the development and maintenance of the company-wide security architecture strategy and roadmap.
  • Secure Solution Design: Lead and review security designs to ensure end-to-end solutions meet security requirements across projects and programmes.
  • Security Architecture Artefacts: Create and manage security patterns, reference architectures, and technical standards for secure design and implementation.
  • Threat & Risk Assessment: Conduct threat modelling and risk assessments to identify security gaps and recommend proportionate controls.
  • Security Control Assurance: Validate implementation of agreed security designs through testing, reviews, and go-live assessments.
  • Collaboration Across Teams: Work closely with enterprise and domain architects, cyber security, project managers, and business stakeholders to embed security into design and delivery.
  • Security Governance & Compliance: Ensure adherence to internal and regulatory security standards by providing oversight throughout project and solution lifecycles.
  • Vendor & Product Evaluation: Provide security input into technology procurement and vendor selection to ensure alignment with security architecture requirements.
  • Security Awareness & Best Practice: Champion secure-by-design principles and contribute to developing Thames Water's security architecture capabilities and culture.

Base location - Hybrid - Clearwater Court, Reading

Full Time - 36 hours per week

What you should bring to the role

Essential Experience:

  • Security Architecture Frameworks: Experience with frameworks such as SABSA, TOGAF, or Zachman.
  • Technical Knowledge: Proficient in designing secure solutions across cloud, on-prem, and hybrid environments, including IT and OT domains.
  • Security Infrastructure: In-depth knowledge of technologies such as firewalls, WAFs, IPS, SIEM, endpoint protection, and IAM.
  • Secure Systems Design: Proven experience in embedding security controls in system architecture across various platforms and environments.
  • IAM Design: Direct experience designing identity and access management solutions, including Active Directory, Azure IAM, and RBAC.
  • Business Engagement: Ability to translate technical security requirements into business-focused language and work effectively with stakeholders at all levels.

Essential Skills & Qualifications:

  • Education: Educated to degree level or equivalent experience.
  • Certifications: Security certifications such as CISSP, CISM, or equivalent.
  • Communication: Strong written and verbal communication skills, capable of articulating complex issues clearly.
  • Analytical Thinking: Excellent problem-solving and critical thinking skills, with the ability to balance business needs with security.
  • Self-Starter: Proactive, highly motivated, and able to work independently in a fast-paced, changing environment.

Desirable Experience:

  • Security Architecture Delivery: Experience working within a security architecture or similar function.
  • Modelling Tools: Experience using architecture modelling software (e.g., BiZZdesign, ArchiMate, BPM tools).
  • Compliance Standards: Familiarity with compliance frameworks and standards in system design (e.g., ISO 27001, NIST, and CIS).
  • Architecture Artefacts: Experience in creating reusable security architecture models and patterns.

Desirable Technical Skills & Qualifications:

  • Advanced Certifications: Additional certifications such as CISA, SABSA, or TOGAF are desirable.
  • Security for Emerging Tech: Understanding of security considerations for AI, containerisation, Kubernetes, and cloud-native applications.
What's in it for you?
  • Competitive salary up to £85,000 per annum, depending on qualifications, skills and experience.
  • Annual Leave - 26 days holiday per year, increasing to 30 with the length of service (plus bank holidays).
  • Performance-related pay plan directly linked to both company and individual performance measures and targets.
  • Generous Pension Scheme through AON.
  • Access to lots of benefits to help you take care of you and your family's health and wellbeing, and your finances - from annual health MOTs and access to physiotherapy and counselling, to Cycle to Work schemes, shopping vouchers and life assurance.

Find out more about our benefits and perks

Who are we?

We're the UK's largest water and wastewater company, with more than 16 million customers relying on us every day to supply water for their taps and toilets. We want to build a better future for all, helping our customers, communities, people, and the planet to thrive.

We're committed to being a great, diverse, and inclusive place to work. We welcome applications from everyone and want to ensure you feel supported throughout the recruitment process. If you need any adjustments, whether that's extra time, accessible formats, or anything else just let us know, we're here to help and support.

Disclaimer: due to the high volume of applications we receive, we may close the advert earlier than the advertised date, so we encourage you to apply as soon as possible to avoid disappointment.