Enterprise Security Architect

Posted 1 day 14 hours ago by Hiscox

Permanent
Not Specified
Other
London, United Kingdom
Job Description
Enterprise Security Architect

Location: London (preferable) or York, UK

Job Type: Permanent

Company Description: Hiscox is a diversified international insurance group with a powerful brand, strong balance sheet and plenty of room to grow. Listed on the London Stock Exchange and headquartered in Bermuda, Hiscox has over 3,000 staff across 14 countries and 34 offices.

The Role: The role of Enterprise Security Architect is to lead the development and implementation of our global cybersecurity strategy and architecture - ensuring alignment with our business strategy and objectives. You will be responsible for developing architecture roadmaps, patterns and blueprints, developing technical standards, defining requirements and control objectives, and consulting into various strategic security programmes and projects. You will also act as a cybersecurity subject matter expert and be responsible for overseeing the activities of security architects and business analysts.

You will act as a bridge across all our federated business units, ensuring that our security architecture is consistent across all countries and systems. You will need to have excellent stakeholder management skills, and be highly consultative in your approach. You will need to communicate effectively to a variety of audiences with differing technical knowledge, including DevOps engineers and senior executives.

Key Responsibilities:

  • Develop, implement and maintain our global cybersecurity strategy, enterprise security architecture and capability roadmaps.
  • Develop, implement and maintain an enterprise security architecture framework.
  • Develop, implement and maintain security architecture policies and processes.
  • Develop, implement and maintain technical security standards.
  • Provide security subject matter expertise and consultancy to delivery programmes and projects.
  • Design and deliver a rolling programme of cyber capability maturity assessments.
  • Provide technical leadership to a team of security architects (solution level) and business analysts.
  • Provide technical advice and guidance to security and systems engineers.
  • Plan and govern the delivery of security requirements and designs within programmes and projects.
  • Provide security impact assessments within change control processes and boards.
  • Continually review our security technologies, tools and services, and make recommendations on their improvement or replacement.
  • Work with CTOs and other stakeholders across the business to identify architecture opportunities that can support cost saving, risk reduction or further enable our business goals.
  • Acquire, train and retain cyber talent, with a focus on continuous professional development.
  • Train and mentor security architects and business analysts, and build an environment that promotes knowledge sharing with other business teams.

Candidate Profile:

  • Minimum of 8 years experience in enterprise and/or systems security architecture, with at least 3 years in a leadership role.
  • Demonstrable experience developing and maintaining cyber strategies and roadmaps.
  • Excellent knowledge of security frameworks, standards, and best practices (e.g., NIST, ISO, CIS, etc.).
  • Excellent knowledge of security technologies, tools, and methodologies (e.g., firewalls, encryption, penetration testing, etc.).
  • Excellent knowledge of enterprise security architecture principles and practices.
  • Familiar with financial services (preferably insurance) security standards and regulatory requirements.
  • Previous experience leading teams of security architects and/or business analysts.
  • Excellent consulting skills and stakeholder management skills.
  • Ability to design, plan, coordinate and deliver enterprise security capability roadmaps.
  • Good leadership and team management skills, with the ability to motivate and develop staff and foster a culture of collaboration and technical excellence.
  • Certified Information Systems Security Professional (CISSP), or equivalent certification is desirable.
  • SABSA Certification is desirable.

Diversity & Benefits: At Hiscox we care about our people. We hire the best people for the job and we're committed to diversity and creating a truly inclusive culture, which we believe drives success. Working life doesn't always have to be in the office, so we have introduced hybrid working to encourage a healthy work life balance. Our benefits package includes a bonus, contributory pension, 25 days annual leave plus 2 Hiscox days and a 4 week paid sabbatical with every 5 years' worth of service, private medical for all the family and much more.

Why work here? If you want to help build a brilliant future; work with amazing people; be part of a unique company culture; and, of course, enjoy great employee benefits that take care of your mental and physical wellbeing, come and join us.

About us: We're a global, specialist insurer headquartered in Bermuda and listed on the London Stock Exchange. With 3,000 employees and 32 offices in 12 countries we're a business with lots of opportunity for people with talent, spark and lots of ambition. If you want to build a great career with a company that prioritises strong values - such as integrity and courage - where our people always pull together to do the right thing for each other and our customers, then we'd love to hear from you.