Cyber Security Architecture Lead

Job Description

Cyber security is one of the defining topics of our age, and cyber risk represents one of the most significant strategic risks to the UK's critical national infrastructure. At Scottish Power Energy Networks (SPEN) you will have the opportunity to approach this risk head on. SPEN have invested significantly in an ambitious security transformation programme to transparently reduce risk, achieve compliance with NIS regulations and deliver a cyber resilient business.

Reporting into the Head of Cyber Security Architecture, the Lead Cyber Security Architect role is a critical role in ensuring delivery against the strategic security vision and development and maintenance of associated security standards and documentation. The role will also ensure that all functions that rely on network and information systems are protected, resilient and prepared against cyber incidents.

The position requires the ability to identify opportunities to use technology to deliver secure services that are more effective. To do this, the role holder must be able to influence and communicate successfully with the relevant parties inside and outside of the company while remaining accountable for the outcomes. The role holder to work closely across all Infrastructure, Telecommunications, Security and Business IT teams and with wider Corporate Security in order to achieve key goals.

What you'll be doing

• Leads the delivery of the Security Architecture Plan and development of associated roadmaps, identifying new security capabilities to support overall NIS compliance, and taking responsibility for the development of these capabilities into fully defined cost-effective security services.
• Provides effective leadership, motivation and task direction for security architecture domains including, but not limited to Data, Application, Identity and Access , AI and Cloud.
• Feed in to the SPEN security strategy. Ensuring alignment between security architecture frameworks and standards with overall business strategy.
• Participate in the sourcing strategy and works in close collaboration with SPEN Procurement and Legal Teams to procure the required services to meet the Security Architecture Plan.
• Customer focused with a demonstrable track record of building relationships with senior and executive stakeholders, building strong and collaborative relationships with all key stakeholders inside and outside of the organisation.
• Ensure that security architecture supports at each stage of the delivery of new projects as indicated by the 'Secure by Design' process.
• Take key ownership for the creation of security design documents and architecture artefacts
• Interfaces with the relevant Design Authorities, providing security guidance at all times.
• Ensure consideration of asset management and data security best practice in relation to NIS regulations.
• Drive the adoption of secure designs, patterns and best practices.
• Keeps abreast of the latest intelligence from sources of cyber threat information and briefs stakeholders with actionable information.
• Contribute to security investment governance processes.
• Ensure performance management development of up to 4 direct reports.

What you'll bring

• Demonstrated experience in managing relationships with senior stakeholders
• Information risk assessment and risk management
• Protective security and understanding of threats to OT
• Identification, prioritisation and leadership of key security technology opportunities.
• Experience of understanding and managing aspects of cyber risk, including the assessment, analysis, and reporting of cyber risk in a business context
• Knowledge and experience of delivering one of more of the following areas: enterprise architecture, infrastructure, or application architecture
• Experience in defining and/or implementing security controls across multiple layers of the IT architecture stack
• Motivational skills for team management.
• Ability to analyse problems, identify core issues and recommend appropriate solutions
• Recognised cyber security qualifications (e.g. CISSP, CISM, NCSC CCP, M.Inst IISP, etc.)
• Recognised architecture qualifications (e.g. SABSA, TOGAF, etc.)

What's in it for you

As well as a competitive salary which is reviewed annually, you can also enjoy a number of other benefits. With our pension scheme, we'll double match your contribution up to a company contribution of 10%.

At ScottishPower, we believe it's the little things we do in life that make a big difference. From helping you look after your family's wellbeing, save for your future and take personal steps for climate action - our benefits are designed to help you do just that - so that you have everything you need to take care of your world - today and tomorrow. That's why our benefits include:

• 36 days annual leave
• Holiday Purchase - perfect your work/life balance with extra annual leave
• Share Schemes
• Payroll Giving and Charity Matched Funding
• Technology Vouchers - save more and spread the cost of your technology purchases
• Electric Vehicle Schemes - to help you transition to green/clean driving
• Cycle to Work scheme and Public Transport Season Ticket Loans
• Healthcare benefit options including: Dental Insurance, Private Medical Insurance, Health Cash Plan and annual Health Assessments
• Life Assurance (4x salary)
• Access to Savesmart financial wellbeing support
• Plus shopping, leisure, restaurant and gym discounts, and unique employee deals on travel insurance and more

Why SP Energy Networks

SP Energy Networks is part of the Iberdrola Group, one of the world's largest integrated utility companies and a world leader in wind energy. We keep electricity flowing to homes and businesses through Central and Southern Scotland, North Wales and in the North West of England. We operate over 4000km of cables and lines that make-up the transmission network - connecting infrastructure like wind farms into the electricity system. It's a role that puts us right at the heart of Scotland's ambition to be Net Zero by 2044. And we're taking it very seriously. We're investing >£5.5 billion into our transmission network, directly supporting the rapid growth needed in renewable energy. With diverse opportunities across our businesses and a commitment to invest in our own internal talent, ScottishPower can offer people real career opportunities that meet personal and professional goals, in a global organisation.

Inclusion, diversity, and a social purpose are at the heart of everything we do. Together with our values, they bring us together into a stronger, more sustainable business with direct links to the communities we serve. It takes all kinds of people to build a large-scale business like ours, so whatever your background, you'll fit right in.

We are committed to providing reasonable support or adjustments in our recruiting processes for candidates with disabilities, long term conditions, mental health conditions, or who are neurodivergent or require pregnancy-related support. If you need support, please reach out to [email protected].

Mobility

Please note that any applicant who is not a citizen of the country of the vacancy will be subject to compliance with the applicable immigration requirements to legally work in that country. If/when required, the Company will support the employee with the necessary Immigration requirements.