Principal Enterprise Security Architect

The National Physical Laboratory (NPL) is seeking a Principal Enterprise Security Architect to lead cyber security design and assurance for national-scale Position, Navigation, and Timing (PNT) programmes; requiring expertise in enterprise security architecture frameworks, cloud and IT technologies, risk mitigation, and relevant certifications such as CISSP or CISM, while collaborating with senior stakeholders and ensuring alignment with NPL’s security strategy and compliance with government and industry standards.

This role will be responsible for the overall cyber security design, development and delivery across strategic PNT programmes. The role will be responsible for delivering assurance relating to activities of high complexity and risk, making decisions that will enable NPL to achieve its goals within its risk appetite.

The Principal Enterprise Security Architect will lead the Cyber Security pillar within the PNT Technical Design Authority, overseeing the implementation of solutions to ensure technology and digital solutions align with the enterprise security roadmap.

This specialist position will be report into the head of NPL’s Cyber Security Team, part of the NPL CIO function helping to provide all of NPL with day-to-day information risk consultancy, advice, and guidance. It will also support with prioritisation of risk mitigation activities, tracking of risk tolerance and reporting while supporting the design and implementation of the assurance framework.

Key Responsibilities:

- Responsible for leading the cyber security architecture and design function across NPL’s PNT programmes to deliver at National Scale

- Responsible for developing an enterprise architecture and guiding principles for the PNT programmes which aligns with the NPL’s security strategy

- Communicate with a broad range of senior stakeholders and be responsible for defining the vision, principles and strategy for security architecture. This will include senior stakeholders within NPL and the UK Government

- Work alongside and collaborate with the Enterprise Architecture team to provide a consolidated and aligned architectural position to guide NPL in the safe use of IT technologies and systems whilst meeting the overarching business and programme requirements

- Have a deep and evolving level of technical expertise across a wide range of both security and IT technologies & services

- Lead the technical cyber security design of systems and services across multiple PNT programmes and projects / technologies, up to an organisational or inter-organisational level

- Make and influence important business and architectural decisions

- Research, identify, validate and adopt new security technologies and methodologies that help NPL achieve its business objectives

- Research and apply innovative security architecture solutions to new or existing problems and be able to justify and communicate design decisions

- Lead the engagement with NPL’s customers within both the UK Government and the private sector on security risk and architectural decisions

- Understand the impact of decisions, balancing requirements and deciding between approaches based on the business requirements and risk appetite of NPL

- Stay up-to-date with emerging cyber security principles, standards and technologies

- Identify and communicate current and emerging threats, whilst designing security architecture elements to provide mitigation against those threats

- Maintain an understanding of the emerging threat profile, work with the wider team to contextualise this threat in terms of NPL’s own business/delivered programmes and ultimately develop a prioritised mitigation strategy. Develop a security posture which delivers this this mitigation through both technical implementation, operating procedures and business processes.

#J-18808-Ljbffr