Job Description:
Security Architect
Staines (TW18 3DZ) / Manchester (M50 3SP) / London (EC2R 7HJ)
Hybrid working (mostly remote with some on-site at Manchester / Staines)
Permanent
Up to £90,000 (D.O.E) + 10% Bonus + Fantastic Benefits
Full time 37.5 hours per week
At Bupa, we’re passionate about technology. With colleagues, customers, patients, and residents in mind you’ll have the opportunity to work on innovative projects and make a real impact on their lives.
Right from the start you’ll become part of our digital strategy, joining us on our journey and developing yourself along the way.
The Security Architect will work with stakeholders across IT and the business to ensure that the appropriate tools, people and processes are in place to safeguard the confidentiality, integrity and availability of Bupa applications, data and infrastructure.
They will need to understand the technological and business impacts of information security threats risks and use this to advise on, develop and support the implementation of appropriate security solutions and controls.
This is a central role in the Bupa UK Security team as it will help to embed a culture of security and privacy by design in the IT delivery lifecycle, applying and maintaining the security architecture framework against our systems and services, and ensuring that security strategy, design patterns and configurations are adhered to.
The role will also come with responsibilities to maintain and develop our enterprise security reference architecture, which will require the creation of security product strategies and roadmaps.
How you'll help us make health happen:
1. Accountable for security design decisions within their portfolio of applications and systems.
2. Develop security design artefacts for UK IT projects, ensuring that solution designs include effective and appropriate security measures that safeguard the security, confidentiality, integrity and availability of Bupa UK information systems in compliance with the relevant legislation, regulations and standards.
3. Be the security subject matter expert for the security technologies used across the UK market unit, having knowledge of the security threats and IT risks, vulnerabilities and weaknesses specific to the business.
4. Champion continual improvement in security delivery practices, including implementation of security technologies and processes in the delivery lifecycle (SDLC) across the UKMU including instilling the right behaviours.
5. Provide specialist IT Security Services and advice to meet business needs; undertaking security capability assessments, impact analysis and design guidance as required.
6. Provide technical security advice and validate the implementation of Security by Design principles through the relevant UK IT governance forums.
7. Develop security architecture strategies and roadmaps for the UK Market Unit (UKMU) and support the adoption of this these across the organisation.
8. Support the research and evaluation of security related hardware and software solutions, and input into the business cases for investments. Contribute to impact assessments of business change on the IT security architecture and associated artefacts.
9. Contribute to the development and maintenance of security policies, procedures, and standards for UKMU IT.
10. Ensure efficient and cost-effective operation of security products are within agreed budgets.
Key Skills / Qualifications needed for this role:
11. A relevant technical degree and / or industry recognised qualification (examples: CISSP, SABSA, TOGAF)
12. Excellent technical knowledge and design experience of security technologies, such as network security appliances, identity and access management (IAM) systems, cryptography, SIEM, anti-malware solutions, automated policy compliance tools, and desktop (end user device) security tools.
13. Experience of architecture frameworks and design approaches (e.g., SABSA, TOGAF, ZACHMAN), with experience applying any of these also desirable.
14. Experience of application and web technology security design (for example OWASP).
15. An understanding of British and International Security Standards (e.g., NIST, ISO/IEC 27001, ISO/IEC 27002, CSC20) relevant UK and EU privacy legislation (especially Data Protection Act 2018 and EU GDPR) and the UK regulatory environment (e.g. ICO, FCA, PRA and CQC).
16. The ability to translate complex situations into simple solutions, as well as the skill of problem decomposition / answer.
17. A forward-thinking and positive attitude that balances the needs of the business with the broader strategic ambitions of the security function.
18. Excellent documentation skills, with the ability to describe things visually desirable.
19. Able to demonstrate a professional and credible image.
20. Good interpersonal, communication and influencing skills with the confidence and ability to operate effectively at all levels including with other architects, designers, engineers, senior management, and external parties.
Benefits
Our benefits are designed to make health happen for our people. Viva is our global wellbeing programme and includes all aspects of our health – from mental and physical, to financial, social and environmental wellbeing. We support flexible working and have a range of family friendly benefits.
Joining Bupa in this role you will receive the following benefits and more:
• 25 days holiday, increasing through length of service, with option to buy or sell
• Bupa health insurance as a benefit in kind
• An enhanced pension plan and life insurance
• Annual performance-based bonus
• Onsite gyms or local discounts where no onsite gym available
• Various other benefits and online discounts
Why Bupa?
We’re a health insurer and provider. With no shareholders, our customers are our focus. Our people are all driven by the same purpose – helping people live longer, healthier, happier lives and making a better world. We make health happen by being brave, caring and responsible in everything we do.