Senior Security Architect

London (Greater)
16 May 2018
15 Jun 2018
Contract Type
Full Time
The CISO (Cyber Security) team keeps Aviva safe and secure globally – that’s everywhere we operate the Aviva brand. We enable & protect the business, underpinning the digital agenda using our knowledge and capabilities to move the business forward faster and with confidence. We are committed to providing enhanced security, with ongoing investment to maintain secure and resilient control over our information assets against the new cyber threats in this digital era. Ultimately we ensure our employee and customer data is rigorously protected from attack and theft, and we also secure what makes Aviva so special: our frameworks and models, which are unique and highly valuable. In short, we also need to protect ‘what makes Aviva, Aviva’.

We are now looking to appoint a Senior Security Architect to define and oversee the implementation of our strategic cyber security capabilities and to engage with business and IT change areas across our markets to embed the security architecture, roadmaps and the ‘security by design principles’.

What you will bring:

You’ll be an enthusiastic catalyst for change. You’ll be the kind of person who can be pragmatic, whilst seeing the art of the possible and articulating longer term visions. You already know just how important security and information protection are to businesses and you can often spot the issues or gaps that need plugging before something negative happens. You will be adept at identifying and addressing emerging domain trends and articulating considerations, impacts and future decisions.

You’ll have an analytical mind and will be able to understand complex policies and advise on ways to communicate them effectively and engage our people in the ‘why’. You’ll be able to manage all kinds of stakeholders and be able to turn people around to a new way of thinking, even when they’ve got no desire to change. You’ll be able to build networks quickly and confidently and you’ll become a ‘go to’ person for security architecture topics.

You will also:

- Be educated to degree level (or equivalent), preferably in Technology or Information Security
- Hold a professional qualification in Information Security, e.g. Certified Information Systems Security Professional (CISSP) or similar, and/or a professional qualification in Architecture Development methods (e.g. TOGAF)
- Have demonstrable, well-grounded experience in an information security field, including key technologies and use of key Information Security Frameworks (e.g. ISF, NIST, ISO)
- Have experience of operating in a home team, and in virtual teams aligned to Domains and Projects

What you’ll do

- Take ownership of one or more of the Security Architecture Domains (see below), creating and maintaining domain assets such as Requirements, Landscapes, Principles, Visions, Target Architectures, Standards, and Roadmaps for each
- Liaise with Project Managers and Solutions Architects/Designers to set projects up for success at the start, ensuring strategic value is delivered and tactical effort/spend is minimised
- Facilitate workshops with Technical and Business stakeholders to provide direction or drive issue resolution, providing analysis, distilling down to key decisions, and capturing next steps or a plan for issue resolution
- Perform strategic design reviews at key points of the project lifecycle to identify any risks or capability gaps that need addressing
- Perform architecture governance using CISO and Group Architecture governance processes and board structures
- Provide ad-hoc reports, viewpoints and white papers to respond to management questions, project issues etc.
- Engage, lead and direct activity with and through resources in other areas/teams (e.g. Group and Market CISO, Group and Market IT and Businesses)
- Through roadmap creation, be responsible for the planning and optimisation of complex projects / programmes, typically with a 1-2 year timeframe, that will impact multiple markets

The Security Domains include:

- Information Protection:- Data discovery, labelling & classification, data monitoring & data loss prevention, rights management
- Security Management Services:- Security monitoring, event correlation and user behaviour analytics, vulnerability management, risk management, and threat intelligence
- Application & Database Security:- SDLC tooling incl. code scanning solutions, database firewall & activity monitoring, application secrets management
- Identity & Access Management:- RBAC, recertification, federation, key & certificate management, conditional and posture based access, MFA incl. biometric, privileged access management
- Infrastructure Protection:- Signature and advanced anti-malware, endpoint lockdown, network security incl. gateways and IDS/IPS, infrastructure patching, build and patch compliance

If this sounds like the role for you we would love to hear from you. Please feel free to get in touch if you have any questions. Here at Aviva, we will offer you all the support you need to be successful and build a strong and positive career.

What will I get from this role

- Salary of up to/between £60,000 to £90,000
- Generous defined contribution pension scheme
- Annual performance related bonus and pay review
- Minimum holiday allowance of 25 days plus bank holidays and the option to buy/sell up to 5 additional days
- Up to 30% discount for some Aviva products through “My Aviva Extras” plus discounts for Friends and Family
- Excellent range of flexible benefits to include a matching share save scheme

Additional Information

Bring to Aviva what makes you different and we’ll support you to do the best work of your life. We encourage applications from everyone who wants to help us achieve our purpose of helping our customers to Defy Uncertainty.

One of Aviva’s core values is Care More, and this is brought to life through the flexible ways we like to work. This may include working from home some of the time, or flexible work schedules to accommodate parent and carer responsibilities, further studies and hobbies.
