Principal Security Tribe Architect Job Req ID: 40408 Posting Date: 7 Nov 2024 Function: Architecture Solution and Design Unit: Digital Location: 1 Braham Street, London, United Kingdom Salary: Competitive with Great Benefits Why this job matters The Security Tribe Architect is a key role driving the technical direction for the commercial BT Security portfolio covering ThreatCo, Security Controls, Cyber Security & Managed Firewall Security services for BT Business. This role matters because it is the technical leadership of every tribe, it is the thinker that makes sure we have the right roadmap that joins the technical strategy & architecture with the business outcomes for the tribe. It is key as it's moving the architecture decision making closer to the work, speeding up and simplifying making sure the architecture is being rolled out. The Security portfolio is unique and requires the use of security specific support systems to manage the BT Security Portfolio. As such, the TA will have integrate such systems into the overall architectural pattern whilst ensuring the integrity of our Architectural strategy. The TA maintains the decisions and backlog of technical debt too, for decisions made to not build strategically the TA will be accountable for those decisions balancing the business outcomes vs goal of building the strategic and ensuring we don't have to build tactically because we didn't have the right roadmap. What you'll be doing As Principal Tribe Security Architect you will have in depth knowledge of Security Architecture within a telecoms environment with a particular focus around cyber security principles, firewalls and threat management. You will be responsible for: - Architecture Strategy Development - Define and drive the security architecture strategy and roadmap aligned with the Tribe's vision, ensuring robust protection of telecommunications infrastructure. - Outcome Recommendations - Provide recommendations to the Tribe Lead on expected security outcomes, balancing customer value with technical debt and setting relevant security KPIs. - Technical Feasibility Guidance - Assess and guide the technical shaping of security-related epics and features, identifying major dependencies and integration points with existing systems. - Business Architecture Integration - Contribute to the overall Business Architecture roadmap by integrating security initiatives and ensuring alignment with business objectives. - Ownership of Security Capabilities - Manage and evolve the Tribe's security capabilities, ensuring they meet industry standards and regulatory requirements while collaborating with other Tribes. - Collaboration with Sub-Domain Architects - Work closely with Sub-Domain Architects to ensure that the strategic security architecture aligns with business needs and compliance timelines. - Engineering Excellence in Security - Drive engineering excellence by optimizing technical debt related to security controls and maintaining a backlog for continuous improvement. - Non-Functional Security Requirements - Ensure that security solutions meet performance, reliability, and compliance standards, implementing security by design principles. - Creation of Reusable Security Patterns - Lead the development of innovative and reusable security architectures to address complex cybersecurity challenges, cataloging best practices. - Stakeholder Engagement - Support the Tribe Lead in engaging stakeholders to gain support for proposed security solutions, providing technology expertise and identifying efficiencies. - Resource Planning for Security Teams - Recommend the composition and volume of security resources needed across squads to effectively manage threat detection and incident response. - Subject Matter Expertise - Act as a subject matter expert in cybersecurity, advising teams and senior management on complex security architecture issues. - Customer-Centric Security Design - Promote empathy-driven design principles to ensure security solutions enhance customer trust and protect sensitive data. - Funding and MTP Process Input - Contribute to the MTP process to secure necessary funding for advancing security architecture initiatives. Skills and Experiences To be suitable you must of worked in an environment where you are responsible for supporting a portfolio of architecture that generates in the 100's millions per year. This will be preferably in Telco, but will consider other industries such as Utility and Energy. We would expect interested applicants to have most of the following skills: - Technical Expertise in Security Protocols: Proficient in security frameworks (NIST, ISO 27001) and telecom-specific standards, with a strong understanding of network security, firewalls, and secure communication protocols. - Risk Management and Compliance: Skilled in conducting risk assessments and ensuring compliance with industry regulations (e.g., GDPR, CCPA) to protect sensitive data. - Stakeholder Management: Excellent communication skills to convey complex security concepts to diverse stakeholders, from technical teams to executives, fostering collaboration across departments. - Architectural Design and Strategy: Ability to design and implement a security architecture that aligns with business objectives, including creating and maintaining strategic roadmaps for security initiatives. - Agile Methodologies: Experience with Agile, Scrum, and SAFe frameworks to ensure rapid adaptation to evolving security threats and business needs. - Incident Response and Management: Proficient in developing and executing incident response plans, with knowledge of digital forensics to analyze and mitigate security breaches. - Innovative Problem-Solving: Strong creative thinking skills to devise innovative solutions for complex security challenges, focusing on outcome-based delivery. - Continuous Learning and Adaptability: Commitment to staying current with emerging security threats and technologies, demonstrating flexibility in strategy adjustments as needed. - Certifications: Relevant security certifications such as CISSP, CISM, or CEH are highly desirable. Benefits Annual On target bonus 15% (personal and company multipliers) Car allowance - worth £5500 a year, can be taken as cash) Private healthcare for you and your family BT Pension scheme; minimum 5% employee contribution, BT contribution 10% Life Assurance Direct share scheme Exclusive colleague discounts on our latest and greatest BT broadband packages 50% off EE mobile pay monthly or SIM only plans and 50% discount for friends and family on EE SIM only plans My Discounts gives colleagues access to unbeatable savings on everyday purchases at hundreds of retailers Discounted EE TV including TNT Sport and the NOW Entertainment membership Great support for working parents including pay whilst on maternity, adoptive, and paternity leave 25 days annual leave (not including bank holidays), increasing with service with buy holiday option Volunteering days so you can give back to your local community Brand new electric vehicle salary sacrifice arrangement, known as 'My EV' Our leadership standards Looking in: Leading inclusively and Safely I inspire and build trust through self-awareness, honesty and integrity. Owning outcomes I take the right decisions that benefit the broader organisation. Looking out: Delivering for the customer I execute brilliantly on clear priorities that add value to our customers and the wider business. Commercially savvy I demonstrate strong commercial focus, bringing an external perspective to decision-making. Looking to the future: Growth mindset I experiment and identify opportunities for growth for both myself and the organisation. Building for the future I build diverse future-ready teams where all individuals can be at their best. About us BT is part of BT Group, along with EE, Openreach, and Plusnet. Millions of people rely on us every day to help them live their lives, power their businesses, and keep their public services running. We connect friends to family, clients to colleagues, people to possibilities. We keep the wheels of business spinning, and the emergency services responding. We value diversity and celebrate difference. 'We embed diversity and inclusion into everything that we do. It's fundamental to our purpose: we connect for good.' We all stick to the same values: Personal, Simple, and Brilliant. From day one, you'll get stuck in to tough challenges, pitch in with ideas, make things happen. But you won't be alone: we'll be there with help and support, learning and development. This is your chance to make a real difference to the world: to be part of the digital transformation of countless lives and businesses. Grab it. A FEW POINTS TO NOTE: Although these roles are listed as full-time, if you're a job share partnership, work reduced hours, or any other way of working flexibly, please still get in touch. We will also offer reasonable adjustments for the selection process if required, so please do not hesitate to inform us. DON'T MEET EVERY SINGLE REQUIREMENT? Studies have shown that women and people who are disabled, LGBTQ, neurodiverse or from ethnic minority backgrounds are less likely to apply for jobs unless they meet every single qualification and criteria. We're committed to building a diverse, inclusive, and authentic workplace where everyone can be their best, so if you're excited about this role but your past experience doesn't align perfectly with every requirement on the Job Description, please apply anyway - you may just be the right candidate for this or other roles in our wider team.