Head of Security Architecture

Reading
2 days ago

We’re looking for a Head of Security Architecture to be the strategic authority for security-by-design across Digital.

Reporting to the Chief Information Security Officer, this role leads the definition, development and execution of our security architecture strategy, ensuring that all platforms, technologies and services are designed, delivered and operated securely.
As a key member of the Digital Extended Leadership Team, you’ll provide influential leadership on security risk, architectural direction and the secure enablement of our digital ambitions — balancing innovation with resilience in a complex, critical-infrastructure environment.

What you’ll be doing as the Head of Security Architecture
Security Architecture Leadership

Own, define and continuously evolve the Security Architecture Strategy and its supporting frameworks.
Embed secure-by-design principles across Digital, ensuring security requirements are incorporated through delivery and into operations.
Lead the development, governance and optimisation of security controls across all programmes, [and support elsewhere], ensuring they are effective, measurable and aligned to recognised industry frameworks and regulatory expectations, which are, in turn, mapped to internal Information Security Standards.
Oversee the integration of threat modelling, risk assessment and secure design principles into Digital programmes, projects and service lifecycles.

Strategic Influence & Cross Digital Collaboration

Act as a senior strategic advisor within the Extended Leadership Team, advocating for security informed decision making and helping shape Digital’s technology direction.
Build strong relationships with Enterprise Architecture, Enterprise Security Architecture, Engineering, Delivery, Operations and business leaders to ensure security architecture is understood, adopted and aligned to organisational objectives.
Provide architectural steer and security assurance into major transformation initiatives, technology roadmaps, procurement activity and third-party engagements.

Technology and Information Security and Standards

Ensure technical standards align to and address Information Security and Cyber requirements, controls and strategy.
Support and guide the development and maintenance of security architecture patterns, standards and reference models.
Support and guide the evaluation and selection of security technologies, ensuring they integrate effectively into the wider architecture landscape.
Ensure the organisation’s security architecture remains current with evolving threats, technologies and industry practices.

Risk Management & Control Assurance

Oversee and enhance processes for risk-based architecture decision making, ensuring transparency and accountability across Digital.
Drive the assessment of control effectiveness and lead architectural strategies to address control gaps, vulnerabilities and emerging threats.
Partner closely with Information Security Governance, Cyber Operations, Security Engineering and other teams to provide holistic risk visibility across Digital services.

Leadership & Team Development

Lead, mentor and inspire the security architecture team, cultivating technical excellence, critical thinking and a collaborative culture.
Demonstrate visible personal leadership, modelling the behaviours expected across Digital and championing a mature, business aligned security culture.
Build capability across Digital by promoting knowledge sharing, architectural consistency and secure design thinking.

Base location – Hybrid – Clear Water Court Reading
Working hours – 36 hours
Necessary requirements for the role – Security Clearance is required (must be completed prior to start date)

What you should bring to the role
The essential criteria to help you succeed in this role are:
Proven leadership in security architecture within a complex enterprise environment
Experience in critical infrastructure, utilities or the public sector
Deep, holistic knowledge of cyber / information security
Strong understanding of secure design, threat modelling, cloud and on-prem architectures, identity platforms
Demonstrated ability to influence senior stakeholders and lead teams

Technical Skills

Strong familiarity with frameworks such as NIST, ISO 27001, SABSA, TOGAF
Broad experience across cyber security domains (e.g. IAM/IDAM)

Extra qualities that would be a great fit for our team:

Experience working with vendors, procurement and contract management
Experience supporting regulatory and compliance frameworks (e.g. SEMD, CAF)
Relevant degree and certifications (CISSP, CISM, CCSP, SABSA, TOGAF)

What’s in it for you?

Competitive salary of up to £105,000 per annum depending on experience 
Annual Leave - 26 days holiday per year increasing to 30 with the length of service (plus bank holidays)
Car Allowance
Performance-related pay plan directly linked to company performance measures and targets
Generous Pension Scheme through AON
Private Medical Health Care
Access to lots of benefits to help you take care of you and your family’s health and wellbeing, and your finances – from annual health MOTs and access to physiotherapy and counselling, to Cycle to Work schemes, shopping vouchers and life assurance.

Who are we?
We’re the UK’s largest water and wastewater company, with more than 16 million customers relying on us every day to supply water for their taps and toilets. We want to build a better future for all, helping our customers, communities, people, and the planet to thrive. It’s a big job and we’ve got a long way to go, so we need help from passionate and skilled people, committed to making a difference and getting us to where we want to be in the years and decades to come.


Working at Thames Water
Thames Water is a unique, rewarding, and diverse place to work, where every day you can make a difference, yet no day is the same. As part of our family, you’ll enjoy meaningful career opportunities, flexible working arrangements and excellent benefits.

If you’re looking for a sustainable and successful career where you can make a daily difference to millions of people’s lives while helping to protect the world of water for future generations, we’ll be here to support you every step of the way. Together, we can build a better future for our customers, our region, and our planet.

Real purpose, real support, real opportunities. Come and join the Thames Water family.

We’re committed to being a great, diverse, and inclusive place to work. We welcome applications from everyone and want to ensure you feel supported throughout the recruitment process. If you need any adjustments, whether that’s extra time, accessible formats, or anything else, just let us know; we’re here to help and support.

When a crisis happens, we all rally around to support our customers. As part of Team Thames, you’ll have the opportunity to sign up to support our customers on the frontline as an ambassador. Full training will be given for what is undoubtedly an incredibly rewarding experience. It’s also a great opportunity to learn more about our business and meet colleagues.

Disclaimer: due to the high volume of applications we receive, we may close the advert earlier than the advertised date, so we encourage you to apply as soon as possible to avoid disappointment.
