Ofgem Role Profile Expert Dec 2023 OFFICIAL-InternalOnly
Role Profile
Role details
Role Title: Principal Cyber Security Architect
Level: Level 3
Directorate: Energy Systems Design & Development / Digital Data & Security Services
Location: London/Glasgow/Cardiff
Number of positions & contract types: 2x permanent
Approach: External
Ofgem is Great Britain's independent energy regulator. Our primary responsibility is to
protect energy consumers, especially the most vulnerable, while at the same time working
with government, industry and consumer groups to deliver a clean, more affordable and
secure net-zero energy system at the lowest cost to consumers and drive economic
growth.
Ofgem has a culture of inclusion that encourages, supports and celebrates the diverse
voices and experiences of our colleagues. It fuels our innovation and helps ensure we
can best represent the consumers and the communities we serve. Everyone is welcome -
as an inclusive workplace, our employees are comfortable bringing their authentic selves
to work.
Purpose
Operate as Ofgem's Cyber Security Architect expert, working on projects with high
strategic impact.
Provide expert review and make recommendations for secure design and engineering for
Ofgem Technology, ensuring alignment and consistency with architectural governance and
developing vision, principles and security strategy throughout the engineering lifecycle.
Be the focal point and expert in a multi-disciplinary team in a specific work area, in the
context of operating in a Professions and Flexible Resourcing model.
Plan, oversee and deliver a set of work deliverables on time and to a high standard through
effective project management and support of multidisciplinary team members.
Provide inclusive corporate leadership, using your expertise to provide comprehensive
knowledge sharing, support and development that demonstrate commitment to Ofgem
values.
Key Responsibilities:
Lead projects with high strategic impact, setting a strategy that can be used in
the long term and across the whole organisation.
Ensure the CTO function and teams have a constantly updated repository of best
practice resources available to reduce cyber risk whilst transforming towards Secure By
Design.
Review and assess threats affecting the market, based on effective partnerships with
the Security Intelligence and Law Enforcement Agencies, other Regulators and energy
sector partners.
Leverage a variety of sources to continuously maintain Ofgem Cyber Reference
Architecture with principles, requirements, patterns, anti-patterns, implementation
engineering and operational maintenance options.
Influence key organisational and architectural decisions and interact with senior
stakeholders across organisations to reach and influence a wide range of people across
larger teams and communities.
Support the team deliverables that utilise your expertise to ensure successful
outcomes across team members and collaborating teams.
Provide clear and transparent work objectives, milestones and success metrics in your
area of expertise to oversee and co-ordinate successful team outcomes.
Collaborate closely with other teams to manage interdependencies, risks and
resourcing to support portfolio delivery.
Where required, be jointly responsible with the PDL on welfare and pastoral care of all
colleagues.
Demonstrate effective diversity and inclusive team management within their team and
the wider organisation.
Key Outputs and Deliverables
Use applied security expertise to develop and maintain solutions that align with
Ofgem Cyber guidance to support the improvement of cyber resilience for the
organisation.
Use applied security expertise to identify key programme and technical risks, leading
the design of mitigating security architectures.
Create and clearly communicate security expectations to industry, providing expert
guidance to operators on interpreting such statements into meaningful and
appropriate security requirements.
Document expert cyber architecture design reviews of operator system architectures
to identify security weaknesses and recommend mitigations.
Identify and document cyber risks within the Secure By Design lifecycle.
Provide expert advice on security architecture implications of technological trends
when applied to existing systems, and how innovative technologies change the security
approach required.
Effectively communicate difficult risk and security concepts in accessible ways that
can be clearly understood by business leaders. Contribute to and develop risk
communication strategies.
Attend, lead and provide expert input to Specialist Interest Groups to share security
best practice across the sector.
Follow a methodical and repeatable approach to reviewing the security of a system
architecture and describe that approach.
Contribute to new and innovative security architecture guidance for others to re-use.
Key Stakeholder Relationships
Internal
Team Heads and Associate Directors
Colleagues within the CTO CISO team and across Ofgem, specifically legal, data and
digitalisation.
3rd parties working for Ofgem's business teams and corporate functions to manage
service delivery to the required quality, cost and timescales.
External
Government departments (e.g. BEIS, NCSC, DCMS)
Other Competent Authorities
Industry experts and communities of interest
Role Requirements
Essential Criteria
Expertise in security architecture and applied security
capability. (LEAD)
Certified to one or more, or equivalent: CISSP, GICSP,
GRID, SABSA, TOGAF. (LEAD)
Practitioner in information risk assessment and risk
management.
Experience of working in Cyber Security within Critical
National Infrastructure.
Extensive experience working collaboratively with diverse
colleagues.
Have experience in the process of developing and managing a
range of options and decisions that align with your
organisation's priorities.
Develops plans and delivers work outcomes, including clear
and transparent work objectives, milestones and success
metrics.
Able to achieve and maintain SC clearance.
Desirable
Experience of working in Energy Sector
Behaviours
Seeing the Big Picture
Changing and Improving
Making Effective Decisions
Communicating and Influencing
Required Experience:
Staff IC
Full-Time