Lead Security Architect

Role: Security Architect

Location: Manchester – Hybrid, 1 day per week in our Spinningfields office

Thanks for checking out our job opening; we are excited that YOU are interested in learning more about NCC Group.

We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together towards a safer future.

We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference and we want you to join in our mission, to make the world safer and more secure.

Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business… https://www.nccgroup.com/uk/

The Opportunity:

The Cyber and Information Security Team play a critical role in supporting our internal business functions alongside our external customer commitments. NCC Group’s internal security team work to develop, introduce and maintain administrative, technical and physical security controls to continually improve the Group’s security.

We are seeking a highly skilled and experienced Lead Security Architect to lead the review, design and implementation of our estate from a security perspective. You will be responsible for developing and maintaining a robust security posture across our organisation, ensuring the confidentiality, integrity, and availability of our systems and data.

This role requires a deep understanding of security principles, technologies, and industry best practices. This role presents an excellent opportunity to support this area and will help the Security Team in managing its cyber risks and meeting its business requirements. You will be working together closely with the Design Authority focussing on uplifting groups architecture from a security perspective.

Key Accountabilities:

• Investigating the ‘as is’ state currently in place across the groups systems and networks. Produce a picture of company assets and where any security concerns may arise.

• Assisting in identifying the areas of priority for any security improvements.

• Planning and designing security architecture improvements.

• Recommending security controls and identifying secure solutions that support well defined business objective.

• Providing specialist security advice and recommendations across teams and various stakeholders.

• Reviewing system security measures and recommending necessary enhancements.

• Being an expert advisor on the secure design of systems within the security team and providing security advice, guidance and sign off to the rest of Global Technical Services.

• Defining and documenting how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.

• Help the company constantly strive to improve cyber health, seeking out and exploiting opportunities for improvement.

• You must be willing to travel to NCC office locations globally and stay away from home on occasion.

Minimum Requirements:

• Proven experience as a Security Architect or similar role.

• Prior knowledge of Security architecture in a number of different technologies.

• Strong working knowledge of IT risks, cyber security, and computer operating software.

• Advanced understanding of security protocols, cryptography, and security.

• The aptitude and ability to quickly absorb technical detail of new or unfamiliar technologies is essential.

• Proven experience with writing architecture documentation.

Desirable Requirements:

Knowledge of as many of these technologies as possible is highly desirable:

• Various Endpoints (Windows, MacOS, Linux, iOS, Android)

• Multiple hypervisor and guest server operating systems (VMware, Citrix, Windows Server, SQL Server)

• Active Directory, including Red Forest/PAWS architectures

• MDM, and in particular Microsoft Intune

• Endpoint protection technology, particularly Microsoft Defender for Endpoint

• Knowledge of Email security technology, particularly Microsoft Defender for Office 365

• Microsoft 365 and Office 365

• Azure, including Azure AD and Entra

• Amazon Web Services

• Knowledge of Protective Monitoring/SIEM/SOAR

• Archimate or other modelling languages and frameworks

• Experience with adaption of architecture frameworks for example Togaf (ADM)

• Threat modelling experience

Behaviours:

• Strategic Thinking

• Technical Expertise

• Communication

• Problem-Solving

• Collaboration

• Adaptability

• Proactive

About NCC Group

The NCC Group family has over 2,200 members located all around the world, providing a trusted advisory service to 15,000 customers. Born in the UK, we have now have offices in North America, Canada, Europe, Asia- Pacific and United Arab Emirates.

We are passionate about helping our customers to protect their brand, value and reputation against the ever-evolving threat landscape. We fuel that passion with investment in our people and our business.

Our values and code of ethics are at the heart of how we operate – we work together, we are brilliantly creative and we embrace difference. We treat everyone and everything with equal respect.

We want to create an environment where all colleagues feel psychologically, emotionally and physically safe to be authentic, sharing their personal experiences to represent the diversity of the world they live in, and have equal opportunity to achieve their best.

About your application

We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.

If you do not want us to retain your details, please email global.ta@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Policy. We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.

Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process. This role being advertised will be subject to BS7858 screening as a mandatory requirement.