Enterprise Security Architect
| Posting date: | 22 May 2025 |
|---|---|
| Salary: | £74,290.00 to £85,601.00 per year |
| Additional salary information: | £74290.00 - £85601.00 a year |
| Hours: | Full time |
| Closing date: | 04 June 2025 |
| Location: | Newcastle upon Tyne, NE15 8NY |
| Company: | NHS Jobs |
| Job type: | Permanent |
| Job reference: | G9914-25-0101 |
Summary
In this role, you are accountable for:1. Take a holistic approach to design, develop a re-use approach as much as possible and have ownership across the BSA for Information Technology security architectural standards, project or programme IT architecture, leading a team of security architects2. Making high level strategic decisions to define to-be security architecture and to develop full technical solutions designs including preparation of technical artefacts, and blueprints, providing a high-quality security proposal for submission into internal and external business cases and assessments.3. Establishing a team with clear roles and responsibilities for developing and maintaining our Security Architecture requirements and capabilities to deliver on the strategic direction and to-be architecture in line with best practice and required standards. Ongoing management of staff including all line management responsibilities, performance management including embedding GROW, appraisals, disciplinary, and standard HR processes for Security Architecture.4. Working across/within different programmes and across different layers of architecture as needed and to translate business security requirements into IT services, solutions, investment and migration roadmap. Responsible for ensuring ongoing security improvement projects, its outputs and recommendations are appropriately managed in line with defined project timescales and milestones.5. Taking a lead role to identify and share good security practices, participating in relevant communities of practice to drive adoption of design standards, trends and patterns.6. Undertake and lead on investigative analysis within multidisciplinary teams, providing technical authority, making credible and practical technical decisions, communicating these with sensitivity and diplomacy to ensure the right technical direction is followed.7. Take ownership of particular areas of the business service, project or programme IT security architecture and ensure consistency with the Enterprise Architecture, HMG Security Strategy, HMG Digital Strategy and DH Digital Strategy and provides input into IT Strategy. 8. Research emerging tools and technology trends within and outside the NHS and ensure our technologies are appropriately aligned, applying the knowledge gained to be bold and innovative in approaching solutions, to assess potential value and identifying opportunities to enhance security capabilities for products and services used within the organisation. 9. Responsible for the security blueprint solutions for complex protective and vulnerability security management of both physical and data assets clearly defining the as-is and to-be security architectures and document the transition to the to-be solution and its integration in the overall Enterprise and Security Architecture blueprints.10. Responsible for prioritising and planning own and teams workload for projects and programmes proposed and/or underway. 11. Responsibility for contributing to budget management processes in accordance with NHSBSAs policies, standing orders, financial regulations and legislative requirements. 12. Leading on strategic procurement of hardware and software for various areas of the organisation, including selecting suppliers, accountability for delivery of quality outputs, meeting delivery timescales. Giving full consideration to cost, specification, maintenance and support to ensure the overall needs of the business are met from an ICT Security Strategy perspective, and that they are aligned with the business and ICT strategic directions13. To work with NHSBSA staff and Third Parties to ensure that security policy, standards, governance and processes are in place for producing and maintaining up to date, comprehensive, comprehensible documentation which will include IT service security blueprints for all systems and services. 14. Identify opportunities, engaging and fostering relationships and partnership working within the organisation, and with third parties, to identify and deliver value to the organisation.15. Work with organisations external to the NHSBSA (e.g. the DHSC and GDS) when necessary to assist in clarifying their needs and requirements and be capable of devising options for security solutions, along with full assessment and cost estimation. 16. Handles sensitive commercial & financial information, ensuring that the security solution architectural designs adhere to relevant legislation and standards including for example, Information Security, NHS Confidentiality and Data Protection legislation. 17. Implement, monitor and report on several areas including agreed service levels, KPI's and standards within security architecture.18. Operate as an SME and point of authority on security architecture, making credible, pragmatic and practical security decisions and communicate with sensitivity and diplomacy to ensure the right technical direction is followed and to guide the business to make the best use of its existing IT where appropriate and to make recommendation about what other IT assets it needs to invest in. 19. To demonstrate creativity and innovation in applying IT solutions and services to develop and improve services and quality for the benefit of the organization and/or the end user of technology services. This includes devising and managing security initiatives to enable exploitation of digital services, capacity, performance, and system availability improvements that ensure business targets are met or exceeded and legacy services decommissioned, whilst ensuring data security and controlled access to data. 20. Responsible for providing expert help and guidance across the lifecycle of a security solution implementation, including technical and nontechnical aspects. This includes the migration of services across suppliers and closely with Technical Architects ensuring the solution and service design is successfully translated, built delivered and operated to meet security and business requirements21. Input into workforce planning, ensuring required operational commitments are fully met, business change is estimated, prioritised, and delivered, resourcing issues are identified, mitigated and managed to deliver business value.22. Manage, and input into the development and implementation of approaches, strategies, policies, standards and practices across the team, ensuring and monitoring the timely delivery of business objectives within budget through the management of projects and programmes.23. To identify and interpret DHSC, GDS, local and national security policy changes and directives, and assess the impact on IT Infrastructure and surrounding processes, including influencing policy information within own security specialism. 24. Produce and deliver in depth reports and/or presentations to NHSBSA, HMG or DHSC stakeholders staff and external parties, on any aspect of the work delivered. In addition to the above accountabilities, as post holder you are expected to:1. Undertake additional duties and responsibilities in line with the overall purpose of your role and as agreed by your line manager.2. Demonstrate NHSBSA values and core capabilities in all aspects of your work.3. Foster an environment where your own and colleagues safety and well-being is promoted.4. Contribute to a culture which values diversity and inclusion.5. Comply with NHSBSA policies, procedures and protocols as they apply to your role.6. Have SC clearance or willing to undergo clearance following appointment to post.