Senior Lead, Information Security Technology and Architecture

Team purpose
The Cybersecurity and Information Assurance team is responsible for safeguarding the confidentiality integrity availability of all SCIs information assets (data and systems). The team is responsible for identifying assessing and managing cybersecurity and information risk and investigating and managing cybersecurity incidents and data breaches.

Role purpose
The Senior Lead Security Architect will report directly to SCIs Director of Information Security and Data Protection and will be responsible for developing security architecture and technology solutions to address the growing cybersecurity and compliance requirements of the organisation.

Working alongside Cybersecurity Operations and Information Assurance colleagues as well as technical and business teams from across the wider organisation and SCIs architecture team the role holder will continuously assess and evolve SCIs security architecture to ensure it incorporates security by design it remains fit for purpose in response to organisational change evolving threats vendor and technology developments and emerging capabilities such as artificial intelligence. The role includes both strategic architecture design and ongoing architecture overview as part of business-as-usual operations.

This is a highly collaborative role that will require combining extensive technical knowledge with strong communication and facilitative skills.

Job Title: Senior Lead Information Security Technology and Architecture

Reports To: Director of Information Security Data Protection and Global IT Operations

Work Pattern: Hybrid/Remote with flexible working options available

Location: Any approved Save the Children International office location. For a full list of locations that Save the Children International can hire in please visit:SCI Careers

Required Time Zone:Any

Contract Length: Permanent

Grade:P6

Right to Work: The successful candidate must possess the unrestricted right to work in their current or preferred location for the duration of employment

Language Requirements:English

International Travel: up to 5-10%

Remit:Global

Principal Accountabilities

• Accountable for leading SCIs Security Architecture domain including the ongoing oversight and evolution of the organisations security architecture performing an architecture and consultancy role for senior technical and business stakeholders to guide them in security related architectural and strategic matters.
• Develop security architecture and technology solutions to address the current and emerging security and compliance requirements of the organisation including guidance on the secure adoption of emerging technologies such as Artificial Intelligence and automation platforms.
• Review SCIs existing security architecture identifying design gaps technical debt vendor and platform evolution impacts and recommending security enhancements. Ensure alignment between security architecture frameworks and standards with the organisations overall missions and objectives.
• Provide technical leadership in architecting end to end solutions that meet business needs while ensuring that the implementation is in-line with the architectural principles industry best practices and extensible and scalable for future needs.
• Assist in the development of enterprise security requirements; planning implementing and testing security systems; preparing security standards policies and procedures. This will include the review and approval of submissions to the Enterprise Architecture Board.
• Contribute to and support the governance of security architecture through participation in the Enterprise Architecture Board and relevant governance forums ensuring security principles are embedded across new initiatives and architectural changes.
• Proactively identify and manage technical risks/issues; assessing the security architecture against evolving threat patterns vulnerabilities and architectural changes while supporting and enhancing existing information security controls.
• Maintain active awareness of industry best practices emerging technologies and threat landscape developments and disseminate relevant insights to stakeholders to inform the evolution of the organisations security architecture.
• Create and maintain architectural and design artefacts to ensure the up-to-date documentation for the relevant programs and projects is readily available and ensure the knowledge is disseminated.
• Business partner with stakeholders in the organisation to understand business requirements.
• Contribute to the evolution and planning of the enterprise architecture by ensuring solutions are developed in line with technology and security roadmaps and support the continuous evolution of the organisations security architecture strategy.
  

Experience and Skills

Essential

1. Proven ability to design end-to-end architecture solutions with strong business analysis/client-facing skills to engage a diverse stakeholder population.
2. Security Architecture strategy and design and working effectively within application security including secure application development (security in SDLC phases) and architecture. This will include familiarity or experience of architectural frameworks such as TOGAF and Zachman.
3. Demonstrable experience of Operational Security controls and regulatory compliance and information security management frameworks (e.g. IS027000 COBIT NIST CSF etc.).
4. Experience of securing cloud services (SaaS/PaaS/IaaS).
5. Experience of threat modelling and / or attack surface analysis.
6. Good knowledge of secure coding standards and best practices (CERT/OWASP/SANS/WASC/MITRE) and understand the most appropriate cryptographic techniques and how they should be used by enterprise organisations.
7. Proven team leadership abilities with the ability to motivate and mobilise individuals outside their reporting line.
8. Good communication skills (written & oral English) including the ability to communicate and present both at a technical and non-technical level to stakeholders of all levels
9. Experience in security architecture governance and lifecycle management including continuous architecture assessment risk-driven evolution and management of security technical debt.
10. Familiarity with AI security considerations and governance frameworks relating to the secure adoption of AI-enabled technologies.

Desirable

• Experience in developing solution architectures for Azure including Azure / Entra AD Azure SQL and Service Fabric.
• Cultural awareness and experience of delivering solutions internationally.
• Experience in working on Enterprise/ Business Architecture strategies roadmaps business and technology capabilities and frameworks
• Experience of working within an agile project delivery environment.
• Understanding of application lifecycle management the value of TDD and continuous integration.
• Experience supporting secure adoption and governance of Artificial Intelligence technologies including risk assessment and architecture design for AI-enabled systems.
• Clear understanding of web services (REST SOAP) SOA CQRS Messaging systems (ESB) distributed systems file transfer protocols and direct SQL interactions.
• Experience of configuration management / change management.

Education and Qualifications
Essential

• Degree or diploma in Computer Science / Business Technology / Cybersecurity / Information Security or relevant experience

Desirable

• Hold a Cybersecurity Masters Degree or a recognised cybersecurity or information security certification (i.e. CISSP CISM CompTIA Security CEH etc.)

Working at Save the ChildrenInternational

Save the Childrenis the worlds leading organisation for children employing save childrens lives. We fight for their rights. We help them fulfil their our work in 116 countries we put the most deprived and marginalised children first.

We know that great people make a great organisation and that our employees play a crucial role in helping us achieve our ambitions for children. We value our people and offer a meaningful and rewarding career along with a collaborative and inclusive environment where ambition creativity and integrity are highly valued.

The work here is challenging but is also immensely rewarding. At Save the Children you will be in good company working with talented like-minded individuals who are determined to ensure that all children survive learn and are protected. Your contribution will help ensure childrens voices are heard at the highest levels and that we achieve our global strategy Ambition for Children 2030 and reach every last child.

Diversity Equity and Inclusion and Equal Opportunities

DEI is core to our vision values and global strategy. Save the Children is committed to creating a truly diverse equitable and inclusive organisation and one which will support us in our vision to ensure every child attains the right to survival protection development and participation.

We are committed to equal employment opportunities regardless of gender sexual orientation race colour ethnic origin nationality disability marital or civil partnership status gender reassignment pregnancy and maternity caring or parental responsibilities age or beliefs and religion. We are committed to diversifying our staff to better represent the communities we serve and actively welcome underrepresented groups to apply.

Reasonable adjustments will be made should any candidate invited to interview require this.

Application Information

Please attach a copy of your CV and cover letter with your application. A full copy of the role profile can be found atSCI Careers. It is recommended that you save a copy of the role profile as it will no longer be available after the advert closes.

Applications will be reviewed on a rolling basis and the job advert may be closed earlier than advertised subject to the volume of suitable applicants. Please submit your application at your earliest convenience to avoid disappointment.

Due to the high volume of applications we receive only shortlisted candidates will be contacted. Candidates who are successfully shortlisted should expect to hear from us within 2 weeks of the advert deadline.

Our Recruitment Process

1. Application review by our recruiting team based on your CV and cover letter
2. Two-stage competency-based interviews with the hiring team
3. Some recruitmentmay include an additional assessment or case study stage or a third stage interview
4. If successful you will receive a conditional offer of employment followed by your contract subject to passing background checks

We need to keep children and adults safe so our selection process includes rigorous background checks and reflects our commitment to the protection of children and adults from abuse. All employees are expected to carry out their duties in accordance with our Code of Conduct and all policies and procedures relating to Anti-Harassment Health and Safety Safeguarding and DEI and Equal Opportunities.

Save the Children does not charge a fee at any stage of the recruitment process.