Overview
As the Senior Security Architect, you will be a key part of the Information Security team, focused on developing, implementing, and governing robust security architecture strategies and patterns across Thames Water. This role supports our mission to protect systems, data, and operations from cyber threats by enabling secure-by-design practices across all digital initiatives.
Reporting to the Head of Security Architecture, you will work collaboratively with key stakeholders across Thames Water to ensure new and existing technology capabilities are designed and delivered with the necessary, appropriate and proportionate security measures. This role requires deep technical expertise, strategic thinking, and strong leadership in embedding cybersecurity into the digital transformation journey.
Base location - Hybrid - Clearwater Court, Reading
Full Time - 36 hours per week
What you’ll be doing as the Senior Security Architect
* Security Architecture Strategy: Assist in the development and maintenance of the company-wide security architecture strategy and roadmap.
* Secure Solution Design: Lead and review security designs to ensure end-to-end solutions meet security requirements across projects and programmes.
* Security Architecture Artefacts: Create and manage security patterns, reference architectures, and technical standards for secure design and implementation.
* Threat & Risk Assessment: Conduct threat modelling and risk assessments to identify security gaps and recommend proportionate controls.
* Security Control Assurance: Validate implementation of agreed security designs through testing, reviews, and go-live assessments.
* Collaboration Across Teams: Work closely with enterprise and domain architects, cyber security, project managers, and business stakeholders to embed security into design and delivery.
* Security Governance & Compliance: Ensure adherence to internal and regulatory security standards by providing oversight throughout project and solution lifecycles.
* Vendor & Product Evaluation: Provide security input into technology procurement and vendor selection to ensure alignment with security architecture requirements.
* Security Awareness & Best Practice: Champion secure-by-design principles and contribute to developing Thames Water’s security architecture capabilities and culture.
What you should bring to the role
Essential Experience
* Security Architecture Frameworks: Experience with frameworks such as SABSA, TOGAF, or Zachman.
* Technical Knowledge: Proficient in designing secure solutions across cloud, on-prem, and hybrid environments, including IT and OT domains.
* Security Infrastructure: In-depth knowledge of technologies such as firewalls, WAFs, IPS, SIEM, endpoint protection, and IAM.
* Secure Systems Design: Proven experience in embedding security controls in system architecture across various platforms and environments.
* IAM Design: Direct experience designing identity and access management solutions, including Active Directory, Azure IAM, and RBAC.
* Business Engagement: Ability to translate technical security requirements into business-focused language and work effectively with stakeholders at all levels.
Essential Skills & Qualifications
* Education: Educated to degree level or equivalent experience.
* Certifications: Security certifications such as CISSP, CISM, or equivalent.
* Communication: Strong written and verbal communication skills, capable of articulating complex issues clearly.
* Analytical Thinking: Excellent problem-solving and critical thinking skills, with the ability to balance business needs with security.
* Self-Starter: Proactive, highly motivated, and able to work independently in a fast-paced, changing environment.
Desirable Experience
* Security Architecture Delivery: Experience working within a security architecture or similar function.
* Modelling Tools: Experience using architecture modelling software (e.g., BiZZdesign, ArchiMate, BPM tools).
* Compliance Standards: Familiarity with compliance frameworks and standards in system design (e.g., ISO 27001, NIST, and CIS).
* Architecture Artefacts: Experience in creating reusable security architecture models and patterns.
Desirable Technical Skills & Qualifications
* Advanced Certifications: Additional certifications such as CISA, SABSA, or TOGAF are desirable.
* Security for Emerging Tech: Understanding of security considerations for AI, containerisation, Kubernetes, and cloud-native applications.
What’s in it for you?
* Competitive salary up to £85,000 per annum, depending on qualifications, skills and experience
* Annual Leave - 26 days holiday per year, increasing to 30 with the length of service (plus bank holidays)
* Performance-related pay plan directly linked to both company and individual performance measures and targets.
* Generous Pension Scheme through AON
* Access to benefits to support health, wellbeing and finances – including annual health MOTs, physiotherapy, counselling, Cycle to Work, shopping vouchers and life assurance.
Find out more about our benefits and perks
Who are we?
We’re the UK’s largest water and wastewater company, serving more than 16 million customers. We’re committed to building a better future for our customers, communities, people, and the planet. We’re looking for passionate and skilled people to help us achieve our goals.
Learn more about our purpose and values
Working at Thames Water
Thames Water is a unique, rewarding, and diverse place to work where you can make a difference. If you’re looking for a sustainable and successful career, we’ll support you every step of the way. Real purpose, real support, real opportunities. Come and join the Thames Water family.
We’re committed to being a great, diverse, and inclusive place to work. We welcome applications from everyone and want to ensure you feel supported throughout the recruitment process. If you need any adjustments, please let us know, we’re here to help and support.
Disclaimer: due to high volume of applications we may close the advert earlier than the advertised date, so we encourage you to apply soon to avoid disappointment.
#J-18808-Ljbffr