Security Architect

Come and join Imperial College for an exciting and high-reaching role within our newly formed Cyber Office!  

Imperial is a large and complex organisation which is distributed across six major campuses, of which the South Kensington site is the largest. There are some 50,000+ systems on the Imperial network and ICT provide the technical and administrative support.

The role of Security Specialists within the Technology Office, with one of the roles operating as Chief Security Officer, are responsible for designing and overseeing the implementation of IT security for the organisation. Covering the technology, tools, controls, processes and assessments, to manage security risk and compliance.

Across the College they deal with complex sets of security requirements, needs and solutions, and ensure that they work. Protecting the College’s data, systems and users from accidental or malicious attacks and ensuring the College meets all its regulatory obligations with respect to protection of data.    

The role needs to support the major step changes that will take place with respect to the IT products and services that the College will deliver in the future, ensuring that the security architecture and capabilities are transformed to reflect new delivery models and evolve to address further technical change and new threats.

Duties and responsibilities

• Develops the vision, principles, strategy and roadmap for IT security, covering people, process and technology as part of the Security Domain team.  
• Responsible for strategic thought leadership in IT security for the College and accountable for assurance of IT security implemented today, as well as for future-proof ICT services for the College.
• Creates and designs security for a system or service, maintains security documentation and develops architecture patterns and security approaches to new technologies.
• Is up to date with the latest security technologies and techniques, plus latest internal and external threats and understands how these fit in with ICT operations, products and services and the wider College. 
• Pro-actively engages with industry thought leaders within the Higher Education sector, such as but not limited to specialist leading vendors or peer universities for up to date, complete comprehension of security risks and options to mitigate these risks most successfully. 
• Responsible to minimise and reduce security risks for the College through setting out to identify and protect and secure vulnerabilities of the College for e.g. malicious attacks, breach of contracts or laws, loss of data or intellectual property, to keep the College’s reputation high. Doing so through creating proper policies and activating them when required, including by involving and mobilising appropriate stakeholders. 
• Researches and applies innovative security architecture solutions to new or existing problems and is able to justify and communicate design decisions.  
• Responsible for risk assessments for security decisions, understanding the impact that security risks may have on the wider College, and provides advice and leadership in decision-making on such risk-based security decisions, balancing requirements and deciding between approaches. 
• Is the point of escalation for security specialists across ICT of lower grade.  
• Provides consultancy and advice to the College on IT security and regulatory aspects of systems development, implementation and operation, formally approving these before Release to Production. This includes collaboration with and influencing staff, students and external stakeholders.
• Provides knowledge articles for relevant audiences including, but not limited to Service Operations staff and customers. 
• Manages the implementation, audit and enforcement of security technologies and controls.  
• Takes proactive steps and puts into place measures to ensure that ICT has proper mechanisms in place to protect the College’ data, systems and users from accidental or malicious attack and ensure the College meets all its regulatory obligations with respect to protection of data. 
• Part of the Technology Office Governance Board and participates in College executive security and data protection governance forums/committees to provide thought leadership on IT security risks, mitigation thereof, and decisions-making.
• Through its role, the job holder ensures that the College can perform its core functions uninterrupted from security breaches on a daily basis. 

This is a full-time, open-ended position. You will be based at the South Kensington Campus.

To arrange an informal conversation or to submit an application please contact Dave Flynn or Charlie Crane on Imperial-SDS@global-resourcing.com or on 0208 253 1806.

Imperial College is committed to equality of opportunity, to eliminating discrimination, and to creating an inclusive working environment. We are an Athena SWAN Silver award winner, a Stonewall Diversity Champion, a Disability Confident Employer and work in partnership with GIRES to promote respect for trans people.