Lead Security Architect - Pre-Sales

• Translate business, data protection and security requirements into practical and well-structured architectural designs, utilizing industry best practices and security frameworks (e.g., NIST, ISO 27001, CIS).

• Develop and maintain secure architectural patterns and standards, with a solid working knowledge of cloud security (AWS, Azure, GCP).

• Apply risk-based and threat-based approaches to evaluate and recommend appropriate and proportionate security technologies and solutions (e.g., SIEM, IAM, CASB, container security).

• Outline key security components, interfaces, and dependencies. Develop architectural diagrams and overviews. Document security design principles and provide rationale.

• Ensure designs align with business objectives, security policies, and industry best practices, with a focus on cloud-native security considerations.

Risk and Threat Management:

• Conduct comprehensive risk assessments and threat modelling, providing detailed analysis and actionable recommendations.

• Advises clients on risk mitigation strategies and security best practices, and support the implementation of those strategies, contributing to measurable improvements.

• Support security incident response and investigations, contributing to thorough post-incident reviews and identifying areas for improvement.

Stakeholder Engagement and Technical Leadership:

• Provide expert guidance to clients on secure architecture and risk management, participating in technical discussions with stakeholders.

• Engage with stakeholders to contribute to informed security decisions and communicate complex security concepts effectively.

• Deliver clear presentations and reports to technical and non-technical audiences and provide technical guidance to project teams.

• Collaborate with developers, IT operations, and other security team members to ensure effective security integration throughout the SDLC.

Security Policy and Standards Implementation:

• Advise on the development and implementation of security policies, standards, and procedures, and support their enforcement, including cloud-specific policies.

• Conduct security compliance assessments and audits, and assist in addressing any gaps, providing recommendations for remediation.

• Support alignment with relevant security frameworks and regulations, identifying potential compliance issues and contributing to mitigation strategies.

Technology Evaluation, Deployment, and Management:

• Conducts security architecture reviews and perform security assessments, including vulnerability scanning, configuration reviews, and cloud security posture assessments, identifying vulnerabilities and recommending detailed remediation strategies.

• Contribute to the development of security architecture roadmaps and strategic plans, and support their implementation, with a focus on continuous improvement.

• Evaluate and recommend appropriate security technologies and solutions and support the deployment and integration of those technologies.

• Provide guidance on the implementation of security controls and best practices and support the maintenance and optimization of those controls.

• Stay updated with emerging threats and technologies, and research and recommend new security solutions.

Presales and Bid Support:

• Contribute to the development of proposals and statements of work, including defining the scope, approach, and deliverables.

• Estimate effort, costs, and timelines for security solutions, considering various factors and constraints.

• Present security solutions and architectures to potential clients, effectively communicating their value and benefits.

• Support the bid management process by providing technical input, risk assessments, and compliance considerations.

It starts with amazing people, challenging projects and a work environment that supports the creation of tangible solutions that make an impact. You will need to have a broad experience of security architecture and have evidence of experience in a number of the following fields of expertise:

• 7+ years varied experience in information security, data protection, and security architecture roles, with a focus on cloud security, and compliance.

• Strong understanding of security governance, risk, and compliance frameworks such as ISO 27001, NIST 800-53 / CSF, NIS/NIS2, DORA, UK CNI / OT / IIOT compliance.

• Hands-on experience building credibility with external stakeholders through technical presentations, audits, or compliance reporting, including enterprise clients, critical system vendors, certification auditors and regulatory bodies.

• Proven ability to technically guide and mentor teams, as well as influence and collaborate with senior stakeholders in a similar architecture, security, or risk management role.

• A hands-on approach with the ability to balance project level strategic oversight with direct involvement in security tasks.

• Excellent communication skills, with the ability to present complex information clearly and effectively to non-technical stakeholders.

• Strong attention to detail and the ability to deliver high quality work.

• Experience in presales activities, including contributing to proposals, estimating effort, and presenting solutions.

• Experience in supporting bid management processes, providing technical input and risk assessments.

• A valid right to work in the UK.

• Eligible to obtain UK SC clearance.

• CISA, CRISC, CISM or CISSP certification a must.

NTT DATA is one of the world's largest global security service providers, partnering with some of the most recognized security technology brands. We're looking for passionate, curious, and motivated individuals to join our team., We're a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects. Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women's Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.