Location: North West/London
Job Title – Principal IT Security Architect (x1 vacancy)
Function – Corporate IT
Grade – Grade 6
Location - North west (Birchwood Park or Peel Park) or North East (Newcastle) or London
You can find out more and download an application form at WWW.DWP.GOV.UK. Quote reference number: IRC61197
Role - Reports to the Head of IT Security
Key links and reporting lines –
With other IT Architecture teams to provide expert IT guidance and leadership in the design, development, deployment and assurance of security architecture and solutions.
With other DWP and Supplier Security Groups to shape strategic direction and ensure alignment with Enterprise IT Architecture.
With industry thought leaders and suppliers to keep abreast of architecture developments.
With the Risk Management and Infrastructure Security teams to ensure that security architecture and standards are aligned with and informed by infrastructure delivery and operational security needs.
With other Government Departments to ensure that x-Government initiatives for re-use and sharing of information and service capabilities can be realised without compromising DWP security
Key accountabilities -
Accountable for the development, maintenance and communication of the Enterprise level Security Strategy and Architecture for DWP.
Accountable for the definition, maintenance and management of the Security architecture and technology standards, methods and policies for the DWP.
Accountable for providing security strategy and architecture guidance to operators and suppliers and x-Government stakeholders.
Responsible for ensuring fit for purpose security within strategic Business Change initiatives including delivery of citizen centric services
Responsible for developing, maintaining and communicating the Enterprise view of Security Strategy and Architecture for x-Government shared services.
Responsible for maintaining strategic IS & IT direction and alignment in the design and development of the Security Strategy and Architecture.
Responsible for identifying and enabling the realisation of benefits from the deployment of Security architecture solutions linked to business solutions.
Responsible for working with Technology and IS service providers to assure development, deployment and operation of security solutions.
Responsible for monitoring and managing the technology standards, policies and methods for security architecture development and maintenance as part of the Enterprise Architecture Framework.
Responsible for contributions to and participation in DWP and x-government IS/IT security forums.
BSc in Computer Science or equivalent qualification or work experience desirable.
Experience IT Security to BS 7799/ ISO 27001.
Experience of industry standard enterprise architecture frameworks e.g. TOGAF
Product knowledge eg: WS security, Liberty Alliance
Proficient in security and threat analysis techniques
Additionally any practitioner qualifications would be advantageous eg: CISSP certification, CISA (Certified Information Security Auditor) or CPP (Certified Protection Professional), BS7799 Auditor, ISEB Information Security Management, or membership of the Institute of Information Security Professionals.
Proven record of developing and implementing enterprise security strategy.
Proven record of successful architecting major security systems through to operation.
Proven experience in design, implementation and operation of large-scale security architecture solutions in a large and complex multi-supplier / multi-platform environment.
Significant experience working as a senior IT architect in a security architecture environment.
Proven track record in championing and delivering technologies based on open standards.
Proven track record of experience in developing and driving the commercial characteristics of security solutions e.g. designing security architecture based on unit cost targets.
Knowledge of all areas of IT Security, including Identity and Access Management; Single Sign On; Secure communications and network protection; Data protection and privacy; Security Management; Audit; Cryptographic services; and Security Assurance and Maturity.
Knowledge of UK central government IT security strategy, standards and policies (e.g. CISA and CESG developed standards) desirable.
Demonstrating Professional IT Expertise level 3
- Building Professional Credibility level 3
- Delivering a Customer Focused Service level 3
- Building Capability level 3