Cyber architect

Job reference 332902
Cyber Architect
Competitive salary plus car allowance, healthcare, 18% annual bonus potential, 25 days annual leave plus bank holidays rising with service and a company pension scheme with highly competitive contribution rates
FTC 12 months Full time
Hybrid London Farringdon x3 days a week
CYBER SECURITY ARCHITECT
The Cyber Security Architect is responsible for contributing to the security of RMG technology and information systems as it develops, procures, and uses technology and supporting processes in a pragmatically secure way within business risk appetite and RMG budget tolerances. The role supports the Cyber Portfolio and Architecture Director as a key senior broker between all technology teams in Group Technology, and the businesses they support, and the Security Operations and Cyber Governance, Risk & Controls teams.
The role holder needs to have the ability to apply complex technological issues to the business context and ensure that the business gets what it needs to succeed without exposing RMG to unacceptable risk or threats. This is not a role for a purist, the role holder needs to pragmatically balance competing agendas and tensions to deliver acceptable security not perfect security.
Key Accountabilities
* Strategic Focus. Provide subject-matter expertise and leadership to the delivery of projects in support of RMG’s Cybersecurity strategy and ensure that risks are being managed in line with the Board’s Risk appetite. This includes supporting and contributing to the development and deployment of strategic security architecture blueprints and technical security standards across RMG and to Business Partners and Service Delivery
* Stakeholder management. Able to engage and influence mid and senior stakeholders across Technology and business units with the ability to explain complex issues in simple language, and to stimulate second and third order thinking (i.e. what does this information mean to us as a business and therefore our risk picture vs our appetite?)
* Effective Security Advice. The role holder will ensure that RMG’s change and BAU renewal programmes receive timely, accurate and pragmatic security advice that position security as a business enabler not a compliance function. This includes supporting the Architecture Concurrence Process in order to make appropriate provisions for embedding security architecture principles.
* Pragmatic Security Architecture. The role holder will support, and as directed, lead the integration of security considerations into the fabric of RMG’s software development and adoption, and its infrastructure and platform adoption. This requires a business and technology horizon which spans significant parts of RMG and involves significant stakeholder engagement where technological credibility combined with clear communication is vital.
* Threat modelling. The role holder will perform threat modelling and security impact assessments in order to support development of security architecture blueprints and specify risk-based high level and detailed security requirements.
* Security Architectural Alignment. The role holder will ensure compliance with RMG Security Architecture for applicable Solution Architectures by supporting and guiding projects throughout development, and understand and use the methodologies required to effectively deliver the Security Architecture across RMG.
* Ability to innovate. This role requires creative thinking to make a significant contribution to the development of security architecture and patterns which leverage vendor, opensource and RMG developed technology applications and infrastructure. This includes tracking emerging technologies & standards, pilot, and adopt as appropriate in agreement with the business security related technological innovation. This needs to be done in sympathy with agreed budgets and timelines.
* Commercial awareness. The role holder must use their professional curiosity to understand RMG’s revenue generating business lines, their supporting functions and how technology enables these, in order to deliver appropriate security in support of their business goals.
* Continuous Improvement. The role holder will contribute measuring and improving the maturity and effectiveness of RMG Security Architecture and alignment with security architecture best practices. This includes participating in the development of security technologies and processes, and supporting efforts to improve the maturity of RMG Security Controls through continuous collaboration with suppliers and other RMG business areas (e.g. Security Operations, Infrastructure and Service Introduction).
KEY DIMENSIONS
* Influencing Skills and judgement. Strong influencing and negotiating skills to build trust and confidence at all levels in the Group, and using judgement to make risk based recommendations and decisions within parameters
* Analytical Skills. Strong analytical skills and the ability to see the big picture and apply the relevant detail to it. Ability to cut through the noise and provide clear and appropriate recommendations and direction
* Communications Skills. Demonstrable ability to clearly represent Cyber Risks within the business in both verbal, written, and presentational form. Clear ability to innovate and tailor messaging and delivery methods for different audiences.
* Commercial empathy. Able to understand the business and empathise with Technology and Cybersecurity leadership so that security measures are reinforcing business aims and user experience, not running counter to them. The role holder must be able to influence project teams to ensure security architecture compliance is met and to do this without going native as they will be required to overcome inertia and resistance to change.
* Technical expertise. The role holder must be credible in terms of technical knowledge with expert knowledge of Security Architecture across all domains with a strong focus on Server, Desktop, Network, Storage, O/S, Database, Virtualisation and Cloud.
Key Skills And Experience
* Expert knowledge of Cybersecurity architectural practices.
* Expert knowledge and understanding of Cybersecurity architectural principals and methodologies.
* Experienced in security practices across multiple technologies with proven expertise in security architecture
* Ability to work at senior technology level and ensure that tactical activity supports the strategic picture.
* Commercial experience from product selection and contract negotiation through to vendor relationship and service management.
* Agility of thought and comfort with complexity, together with the patience and resilience to overcome change inertia.
* The will to succeed in support of the business’ goals and to align potentially competing agendas to effectively manage Cybersecurity risk within the business risk appetite.
Qualifications
* Likely to be educated to degree level with a broad knowledge of Technology and cyber security
* Recognized security architecture related qualifications e.g. SABSA, TOGAF, CISSP-ISSAP
* Any relevant Security Operations certifications e.g. CISM, CRISC, SANS, CISSP, GIAC.
Extra Benefits
* Family friendly support - enhanced maternity pay, paternity leave, adoption leave and shared parental leave
* Discounts and offers - there are more than 800 offers to help you save on things like groceries, days out, holidays and your household bills*.
* Supportive and generous company sick pay
* Your Wellbeing - you and your family have 24/7 access to services and tools to help you get the most out of life. From your physical and mental health to financial and social support and advice. It’s free, and it’s for everyone.
* Available only to perm employees
Next Steps
The next stage of the selection process will be a face to face/virtual interview consisting of competency based and role specific questions.
Trust is the foundation of Royal Mail / Parcelforce / RM Property and Facilities Solutions. We aim to be transparent about the qualities we seek and what a career with us entails, building trust from the start of your journey with us. Your interview is the first step, and we want you to shine. To help you prepare, we’ll provide your interview questions in advance, so you can have your best examples ready. At Royal Mail Group, we value trust and our people.
We understand that candidates may not meet all the criteria for the role. If your experience is different, but you have relevant skills we’d love to hear from you.
Royal Mail Group is committed to inclusion and representing the diverse communities we serve. We welcome applications from all individuals. As a proud Gold signatory to the Armed Forces Covenant, we especially encourage applications from the Armed Forces community, including cadet instructors and spouses/partners.
We are committed to ensuring an inclusive recruitment process. If you require any adjustments to support you during the hiring process, please discuss these with your recruiter when contacted.
We are Forces family friendly and a Gold signatory to the Armed Forces Covenant. We welcome applications from ex-Armed Forces personnel, reservists, veterans, cadet instructors and military spouses/partners.
For more information on Royal Mail Group and our values please click here: https://www.internationaldistributionsservices.com/en/about-us/
Closing Date:. 19th December 2025 Please note, this advert may close early if the appropriate number of applications has been reached.