Senior Cyber Security Architect
Role details
Job location
Tech stack
Job description
XPS Cyber Security is an expanding team consisting of security engineers, security analysts and an external 24/7 Security Operations Centre. The Cyber Security Architect role will be challenged with working across functions, researching and implementing the latest strategies, policies, and technologies in the industry, to protect XPS's most critical assets. This is highly technical and collaborative environment. Reporting to the Head of Cyber Security, the Cyber Security Architect will perform daily security architecture tasks, conducting gap analysis, reviewing policies and assisting with security initiatives to protect XPS Group's IT infrastructure, networks and data, and where required provide security assurance to clients. The successful candidate will be a true security leader and be able to deputise for the Head of Cybersecurity. They will have extensive experience designing secure best-practice cloud architectures, client-facing skills and be able to embed appropriate security controls across the organisation. Experience working with cloud hosting providers, cloud migration, secure application development and security testing will be essential for this role., * Strategic Leadership - Define and communicate a group-wide security architecture vision aligned with industry best practices. Develop roadmaps for current, transitional, and future states.
- Client & Executive Engagement - Act as a credible, confident, expert security advisor to clients, cross-department, and senior internal stakeholders, including the CIO and Board. Present complex security concepts in a clear, engaging manner.
- Hands-On Expertise - Lead secure system builds, cloud migrations, and application security initiatives. Provide architectural guidance for projects, with a focus on secure Azure environments. Be an active member of Architecture and change boards.
- Continuous Improvement - Develop an expert understanding of the business objectives, threats, risks, vulnerabilities and attack vectors facing the group. Act autonomously, conduct risk assessments, threat modelling, and gap analyses. Drive measurable improvements in security posture through KPIs and dashboards.
- Commercial Awareness - Commercial experience from building a business case, product selection, due diligence and contract negotiation, through to vendor relationship management.
- Future-Focused - Champion initiatives such as Zero Trust, intelligence-led security, and continuous security testing. Keep XPS ahead of evolving threats and technologies. Help XPS to evolve by updating architectural documentation and communicating changes.
- Incident Management - Assist the wider security team with timely security incident management, security training, and reviewing supplier/client information security questionnaires as required.
- Due to the changing nature of the business, the job holder may from time to time be required to undertake other activities of a similar nature that fall within their capabilities., Any employment offer made will be conditional upon you satisfying DBS Disclosure checks, Employment or educational references, Satisfactory credit checks and eligibility to work in the UK before an offer can be made. XPS Group is not able to provide sponsorship to employees.
Requirements
- Proven expertise as a Security Architect, working on complex technology programmes, securing cloud, secure software development, and in other large regulated financial services environments.
- Technical depth of cloud security (Azure), secure software development, identity management, and security testing (SAST/DAST, penetration testing).
- Expert collaborator and Influential Communicator. Exceptional written and verbal skills; able to engage confidently with clients, executives, and be able to mentor technical teams.
- Leadership ability to deputise for the Head of Cyber Security.
- Expert knowledge of security testing including vulnerability scanning, SCA/DAST/SAST and penetration testing.
- Knowledge of current and future security initiatives e.g. OWASP standards, SASE, intelligence led penetration testing, zero-trust, threat centric security and risk-based vulnerability management.
- Relevant practical experience of frameworks, standards e.g. ISO27001, CE+, NIST CSF, TOGAF etc.
- Holder of relevant certification and experience e.g. CISSP, CISM, CCSP, GDSA etc.
- Willing to travel to other locations as and when required.
Desirable:
- Computer Science degree, or relevant experience
Benefits & conditions
Enjoy a competitive salary, annual discretionary bonus, and 25 days' holiday with buy/sell flexibility. Benefits include pension matching, healthcare plans, life assurance, and retailer discounts. We support our team with a flexible benefits scheme, employee assistance, and digital GP service. Participating in volunteering events is encouraged with paid volunteer days available. Referral bonuses are offered for introducing suitable candidates to XPS., We want our people to know they matter so we offer a range of perks and benefits:
- Holiday entitlement
- Pension
- Life assurance
- Discretionary bonus scheme
- SAYE scheme
- Season ticket loans
- Sight tests
- Employee assistance programme
- Opportunities for hybrid working
- Generous annual flex allowance
- My XPS, My Benefits - flexible benefits you choose to suit you personally, including the option to buy additional holiday, bikes for work, private health care, travel insurance and dental insurance
- XPS Rewards - designed to offer you access to a wide range of discounts, saving you money on your shopping
Employee networks
Our seven Employee networks - XPS Women's Network, XPS LGBTQ+ Network, XPS Menopause Network, XPS Disability Network XPS Multicultural Network, Planet network and Mental health allies network - play an important role in our culture.
Some of them lead our inclusion and diversity programme of events, campaigns and workshops, such as celebrating International Women's and Men's Days, Pride Month and Black History Month, our Be Yourself at Work campaign and our workshops on LGBTQ+ Allyship, the importance of self-promotion for women's careers, menopause awareness and confidence when speaking up.
