Group Solution Architect – Security
Group Security Solution Architect
The purpose of the Group Solution Architect - Security is to provide leadership in the development, design, communication and application of Security Architecture in order to ensure that Bupa has a fit for purpose solutions to security across the whole Group. Appropriate and managed Security Architecture is considered a critical capability to protect Bupa information (including customer, employee and third-party data), secure Bupa’s brand and help achieve our 2020 goals.
This will be achieved by:
- Ensuring alignment on IT security architecture and security technology direction across Business and IT Leaders.
- Owning, communicating and collaboratively developing the Bupa Enterprise Security Solutions Architecture to meet the information risk strategy and policies
- Interpreting security policies and leading the development of standards and guidelines that comply with this
- Developing standards and patterns in the field of Enterprise Security Architecture in line with Bupa’s risk appetite.
- Engaging with Market Units to support the delivery of Group Security Solutions.
- Assessing the impact of new technologies, legislation and services on the Security approach in Bupa.
- Providing expertise and recommendations, as required, to Enterprise Architects, Solutions Architects and Senior Leaders.
- Accountabilities and Activities
- Create, document and maintain Design Patterns for Group Security Solutions across Bupa globally.
- Work across teams in Bupa to gain alignment and maintain the value of the Solutions.
- Develop solutions, aligned to the Enterprise Security Architecture, that’s are valuable to Bupa Group and the Market Units.
- Provide subject matter expertise into the evaluation and selection of service providers.
- Collaboratively develop the target operating models for the effective operation of the security capabilities.
- Make technical security recommendations to improve the security of new or existing applications and infrastructure.
- Work across teams in Bupa to identify synergies between similar activities within
- Bupa organisations that can form part of the overall solution in order to maximise reuse and avoid inefficiency.
- Work in conjunction with the Risk and Compliance globally and global Information
- Security team to develop appropriate technical mitigations and controls for Risk Policies.
- Act as a bridge between the relevant business, architecture and delivery communities across Bupa to:
- Use in-depth knowledge to provide leadership and innovative thinking
- Ensure security requirements are embedded in project deliveries and BAU change
- Drive the adoption of IT security policies and standards.
- Advise on and promotes activities that deliver global fit-for-purpose information security and risk management capabilities.
- Build effective working relationships & collaboration with Business Units, and Market Units
- Provide subject matter expertise on a range of information security standards and best practices.
Build effective working relationships with partners, industry bodies and suppliers
Qualifications, Training and Experience
- Have attained or demonstrate the capacity to attain a degree level education or equivalent training.
- Holds relevant professional qualification in Information Security (e.g. CISM, CISSP)
- Holds certification or experience with Enterprise Architecture methodology (e.g., TOGAF, Zachman, SABSA).
- A track record in architectural disciplines with a specific security focus (a good understanding of the markets and sectors that Bupa operates in is desirable). More particularly, will have had broad experience in and exposure to a wide range of security technology and services.
- Proven ability to develop, document and communicate solution architectures for different audiences
- Must be able to think abstractly and see the big picture. Visioning skills are an absolute must.
- Will have experience of working at a senior level for both large end user and IS services and/or major consultancy companies.
- A sound understanding of information security (e.g. ISO/IEC 27001) and risk management standards, international data protection and regulatory compliance requirements (e.g., EC/APEC Data Protection laws and regulations, etc.).
- High interpersonal skills to enable partnership with Business Units, Corporate Centre, other Market Units and stakeholders.
- Proven ability to influence in order to drive change.
- Proven ability to manage change and deliver results in line with agreed deadlines.
- Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals.
- Independently-minded self-starter.
- Will have experience of having worked with international teams.
- Excellent written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
- Experience with contract and vendor negotiations.
Time Type:Full time
Job Posting End DateFull time
When applying for a job, do not provide bank account details or any other financial information. Never make any form of payment. WhatJobs is not responsible for any external website content. Report this job