Permanent full time
Up to £74,271 per year
Work Style: Anywhere Worker
Closing date: August 29, 2022
Essex County Council (ECC) is one of the largest and fastest growing local authorities in the UK, serving a population of 2 million, and has a proven track record of transformational change. ECC anticipated necessary changes in the public sector and strived to deliver better quality at lower cost. We have an ambitious transformation agenda – one that has the ability to reach every part of the board. We are changing the way we think, the way we work and the way we deliver our services.
The Security Architect is a key role, responsible for developing the security architecture that ensures the appropriate protection of all aspects of security (people, electronic, data, physical) in technical development and delivery to the support of the Council’s business objectives and requirements ensuring alignment and respect of the principles of simplification, sharing and reuse.
Safeguarding Board data in an aggressive cybersecurity environment is a critical activity and the incumbent leads strategic collaboration with key stakeholders across directorates, partner organizations and third-party vendors to promote design aspects of security of information required in the development of the ECC IT strategy to exploit innovative solutions. products, services and solutions that deliver benefits to businesses and citizens.
The role will help drive a new, modern way of delivering the technology solutions required by ECC and the service itself and will be responsible for leading the service through an ever-changing modern technology landscape required to operate in a cloud-based digital organization and driven by users.
- Responsible for the development, implementation, delivery and support of an enterprise information security architecture aligned with the Board’s strategic requirements.
- Responsible for ensuring alignment between business strategies and information security and leads the provision of information security expertise, guidance and systems necessary to execute strategic and operational plans across all organizational information systems.
- Responsible for providing expert advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
- Lead the delivery of security innovation to the benefit of the Board by capturing and prioritizing market and environmental trends, business strategies and objectives, and identifying the business benefits of alternative strategies ensuring the alignment with the security architecture.
- Lead technical design assessment and approval to ensure compliance of information security architecture that provides effective protection of Council data.
- Responsible for establishing and maintaining security standards and principles and ensuring they are properly used across all technical initiatives to ensure commonality in solution design and implementation.
- Responsible for obtaining vulnerability information and conducting security risk assessments, business impact analyzes and accreditation on complex information systems to ensure appropriate protection Council data.
- Leads the creation and review of a security capability strategy that meets strategic business requirements.
- Leads collaboration and provides expert advice and guidance regarding security issues to business partners, operations teams and vendors to develop and present business cases, for high level initiatives, approval, funding and prioritization consistent with the Council’s information security architecture.
- Specific individual and shared targets and objectives are defined annually as part of the performance management framework.
The experience you will bring
- University degree or equivalent experience in a relevant field.
- Able to demonstrate extensive experience in a senior security architecture role, preferably within a large local authority or with a service provider providing commercial solutions and architectural services for the public sector.
- Must demonstrate experience leading and working within effective teams delivering proven security solutions to meet complex business requirements and enable standardization, simplification, sharing and reuse.
- Accredited with ISACA Certified Information Systems Security Professional (CISSP) or similar qualification such as Axelos RESILIA and must have a demonstrable understanding and ability to use supporting frameworks and methodologies such as TOGAF 9.2, ArchiMate, BPMN, COBIT and IT4IT.
- Able to demonstrate a clear understanding and ability to work within relevant ICT related standards including IITIL V3, ISO/IEC 38500, ISO/IEC 27001, ISO/IEC 22301, ISO/IEC 20000, PRINCE2 and MSP.
- Excellent written and verbal communication and presentation skills.
- Excellent customer service skills.
- Experience using enterprise modeling tools and methods such as EA Sparx and Orbus iServer.
- Experience in developing systems compliant with GDS and Cyber Security Group guidelines.
- Evidence of continuous professional development to keep pace with technical and business changes that meet the competencies defined by SFIA V7.
Apply and next steps
Please apply through the Working for Essex website, ensuring you upload an up-to-date CV and supporting statement when prompted.