Lead Security Architect

In order to support and enable the Big Work and the dramatic shift in today's cyber-risk landscape, our security decision-making and implementation processes are shifting from centrally controlled, stage-gated, waterfall approaches to more decentralized and agile methods. Instead of being confined to a centralized authority, risk decisions are to be made at the edge by delegated CISOs using agile processes and cyber judgment.

To facilitate this shift, cybersecurity requires scalable processes that can effectively handle conflicts, excess residual risks, and exception requests. These processes should be able to provide hands-on support at the speed required by the business.

The Global CISO is embracing an approach that involves centrally creating cybersecurity policies and capabilities with input from delegated CISO’s. These policies and capabilities are then adapted locally into standards, guidelines, and operating procedures. The "what" is defined centrally, while the "how" is resolved locally.

National Grid is hiring a Principal Security Architect on a permanent basis. The location for this role can be based in Warwick or London - We offer a hybrid working model.

Job Purpose

Our vision is to be recognized as a world leading Information Technology and Digital function in the energy sector and a trusted partner across National Grid businesses. In the Security Architect role, you will play a crucial role in ensuring our organization's information systems/operational technology is secure and protected against cyber threats. Your expertise will help us identify potential risks and vulnerabilities and develop effective mitigation strategies to protect our assets and support our vision of being a leader in our industry.

What you'll do

As an employee in the Security Architect role, your key roles and responsibilities will include:

1. Providing a security service steer to the projects and programs, on security related matters.
2. Ownership and definition of the security scope/architecture for a variety of projects deployed globally.
3. Drive security requirements, architectures, patterns and approaches via the company's processes.
4. Day to day engagement with development teams to advise and consult on security matters.
5. Work closely with project teams, DevOps teams to ensure solution complies with security requirements and that risks are appropriately managed.
6. Removing impediments for the successful delivery of the security related initiatives.
7. Provide technical security input as required by the security policy lead.
8. Coordination of technical design/review activities with various segments within the Security team.
9. Accountable for ensuring that key risks and issues are identified, addressed, and resolved in a manner that satisfies the business.
10. Accountable for ensuring residual risk is captured and owners are identified.
11. Conduct regular 1st line risk assessments to identify potential cyber threats and vulnerabilities to the business's systems and data.
12. Conduct 1st line supply chain assurance for suppliers, in co-ordination with the 2nd line Vendor Assurance team.
13. Conduct reviews of new or existing Vendor contracts to ensure appropriate clauses and addendums are included with the 3rd party contracts.
14. Develop and implement strategies to mitigate cyber risks and enhance the business's security posture.
15. Stay up to date with the latest cyber threats and trends and recommend appropriate security controls and countermeasures.
16. Maintain documentation and reporting on security-related activities, including risk assessments, incident response, and compliance audits.

About you

1. Bachelor's degree in a relevant discipline, or an equivalent combination of education, training, and experience.
2. 7 or more years of related experience.
3. Collaborate effectively with colleagues and suppliers in different time zones.
4. Strong analytical and problem-solving skills for making sound decisions under pressure.
5. Foster positive work environment with teamwork and effective communication.
6. Ability to influence, build relationships, and demonstrate team leadership skills in fast-paced, ambiguous, and autonomous professional service environment.

What you'll get

A competitive salary between £70,000 – £84,000 – dependent on capability.

As well as your base salary, you will receive a bonus of up to 15% of your salary for stretch performance and a competitive contributory pension scheme where we will double match your contribution to a maximum company contribution of 12%. You will also have access to a number of flexible benefits such as a share incentive plan, salary sacrifice car and technology schemes, support via employee assistance lines and matched charity giving to name a few.

More Information

The closing date for this vacancy is 9th of April. However, we encourage candidates to submit their applications as early as possible and not to wait until the published closing date. National Grid’s recruitment periods can and may vary. We reserve the right to remove this advert or close it to further applications at any point during the recruitment process.

DE & I statement

At National Grid, we work towards the highest standards in everything we do, including how we support, value and develop our people. Our aim is to encourage and support employees to thrive and be the best they can be. We celebrate the difference people can bring into our organisation, and welcome and encourage applicants with diverse experiences and backgrounds, and offer flexible and tailored support, at home and in the office. Our goal is to drive, develop and operate our business in a way that results in a more inclusive culture. All employment is decided on the basis of qualifications, the innovation from diverse teams & perspectives and business need. We are committed to building a workforce so we can represent the communities we serve and have a working environment in which each individual feels valued, respected, fairly treated, and able to reach their full potential.