Location: Whiteley, PO15 (hybrid working) Duration: 3-month contract Inside IR35 Job specification: NATS (National Air Traffic Services) are looking for an IT Architect to join their team on a 3-month contract in Whiteley. We are looking for a candidate with a very good understanding of Security Risk Assessments (writing, endorsing and approving) and pen-testing activities (evaluating pen-test report, writing scope of the pen test for supplier to respond to) across all Information Security. PURPOSE OF THE ROLE: To ensure the protection of information across NATS' IT systems and data by providing security design expertise across all IS Service Groups (Core Infrastructure, ERP Capabilities, End User Services, Productivity & Collaboration, COTS and Custom Applications) and broader NATS business areas. Responsible for: Leading the security designs across all IS services to ensure unauthorised access to NATS' systems and information is prevented. Leading the assessment of security threats and vulnerabilities across all IS Services to ensure the relevant risks are raised and mitigations planned. Leading the completion and validation of Security Risk Assessments (SRA) to ensure that the risks of information vulnerability are documented and addressed in service designs or raised as residual risks across all Service Groups. Ensuring that all IS services are designed with necessary security logging and monitoring to meet security, business needs and audit requirements. Ensuring that the Service Design template material encompasses security aspects so that secure by design is maintained and improved. Balancing design decisions between functional, service quality and service management requirements to ensure the efficiency of the solution for the Business. Ensuring that security architecture principles, policies & standards are addressed across all IS service designs for all Service Groups. Ensuring that all security design-related knowledge is digitised and readily accessible for use by other teams to access. Gather intelligence on emerging security technologies to detail impacts, threats and opportunities into the Service roadmaps. What we are looking for in you: Essential: Expert knowledge of a wide range of Security Technologies, with working knowledge of their integration, configuration and data needs. Certified to one or more of the following industry certifications: CISSP, CISM, CISA, CRISC, CCISO or equivalent professional certification. Demonstrable experience of working in a solution architecture or service design capacity in one or more of the following; Infrastructure Technology - on premise and cloud, COTS applications, productivity & collaboration, corporate systems, Information management and end user devices. Skills in designing countermeasures to identified security risks. Able to assimilate and consider issues from the technical, contractual and business perspective, supported by a pragmatic attitude to the implementation of security in a complex and diverse organisation. A good understanding of the approaches required to identify, quantify and address information security or cyber vulnerabilities in an organisation. Demonstrated capability to resolve conflict; build, maintain and utilise relationships with key internal and external stakeholders to achieve optimum business goals. Strong analytical and conceptual reasoning and highly effective communication skills. Ability to articulate complex issues and concepts to a wide range of recipients both written and verbally. Desirable: Good understanding of the NATS operating environment and our strategic intent / objectives. Experience of driving or influencing a centre of excellence. Good understanding of ITIL methodologies and standards (ITILv3 and above, Foundation level) or applicable framework. Good understanding of NIST, SABSA, TOGAF and Zachman or equivalent architectural framework. Good working knowledge of an Information Security Management System and the ISO2700x/Cyber Essentials series of standards. Experience of the development and implementation of appropriate risk mitigation plans, policies, processes and technical controls. Makes sound commercial/strategic decisions that affect long-term delivery, taking account of risk effect. Creates a credible vision for area/business and communicates it with clarity and purpose. If you are an experienced IT Architect with a strong background in IT infrastructure and security, we would love to hear from you. Apply now to join our client's dynamic and innovative team in Whiteley.