Security Solution Architecture

The Security Architecture team sits within the CTO department. The team is structured in two parts:

• Security Solution Architecture – responsible for defining and maintaining security solution architectures and designs, and supporting development of the enterprise security architecture


• Security Enterprise & Domain Architecture – responsible for defining and maintaining the enterprise security capability model and associated security domain architectures and roadmaps


This Security Solution Architect role will work in the Security Solution Architecture team. The successful candidate will be a delivery-focused expert in security solution architecture and design matters. They will be a trusted adviser to the Admiral IT and business teams, enabling them to deliver secure solutions at pace.

The Security Architecture Team is engaged on all areas of significant IT change in Admiral, such as the design and delivery of major cloud solutions in Azure and GCP, the roll out of new business product lines, customer-facing Digital projects, building out new security technologies, and the creation of Admiral’s Next Gen Architecture.

The Security Architecture Team has people working across Wales, Scotland and England. The team mostly works remotely but we’re a friendly team, with regular team meetings throughout the week, and we get together face to face in the office in Cardiff and for offsite meetings when we can.

Role Purpose

Security Solution Architects play a key role in the delivery of all new IT and security solutions in Admiral. Our aim is to be a trusted partner for the IT and business teams that we support, providing expertise and thought leadership to meet their security needs.

The Security Solution Architects lead the creation of the high-level security design for all new solutions. We own the security design end-to-end, meaning that we work with IT Architects, InfoSec, the Engineering teams, and project delivery teams to help resolve any security solution delivery challenges and ensure that the final solution is effective.

The Security Solution Architects also lead on the development of re-usable security solution patterns and reference architectures. We work with the Security Domain Architects to align solutions and patterns to the security technology roadmaps and overall security strategy.

Responsibilities

• Define security solution architectures and high-level security designs


• Own security solutions end-to-end to ensure the security architecture is delivered and effective


• Deliver high quality security solution architecture and design artefacts in a timely fashion


• Participate in design governance processes to shape security solutions and strategy


• Maintain the security solution architecture repository


• Work with InfoSec colleagues to assess security risks and define security control requirements


• Provide security architecture coaching and consultancy to help embed security architecture thinking across all areas of IT


• Work with the Enterprise and Domain Architects to understand the business goals and vision, and contribute to the security domain strategies and roadmaps


• Identify security technical debt and maintain the debt management repository and processes


• Manage key stakeholders including technical and non-technical
  
  Happy to take ownership of challenges and lead the way in overcoming them


• Passionate about what they do


• A continual learner (forever inquisitive for self-improvement)


• Self-motivated


• Delivery-focused


• Positive and a great team member


• Articulate in describing technical topics for non-technical audiences


• Comfortable interacting with audiences up to senior management level


Requirements / Technologies

• Extensive experience of working in architecture / design roles


• Expert knowledge of security frameworks and practices, with a strong technical grounding


• Proven track record of solving complex and challenging technical problems


• Excellent communicator, comfortable with audiences up to and including senior management


• Drive and enthusiasm for the benefits of security architecture and design


• Experience of architectural governance, standards, and methodologies


We are particularly keen to hear from candidates who meet one or more of the following criteria:

• Security design experience in at least one major cloud platform (Azure, GCP, AWS)


• Experience of working in large organisations in regulated sectors


• Certification in architecture frameworks (eg., SABSA, TOGAF)


• Cloud security design certifications (eg., AZ500)


• Security certifications such as CISSP, CISM etc


• Experience of working in Scaled Agile / DevSecOps environments
  
  We do not have a set salary for this position, as it will be dependent on the successful candidate’s experience. We are happy to see CVs from all candidates who meet the requirements and will be happy to discuss the remuneration package.


At Admiral, we are proud to be a diverse business where we put our people and customers first. We have great benefits to ensure employees have a great work-life balance; it's one of the reasons we’re consistently voted one of the Sunday Times Best Big Companies to work for in the UK. We want you to have an element of freedom to define a working lifestyle that supports this, so accommodate flexible hours wherever possible.

All colleagues will receive 33 days holiday (including banks holidays) when they join us, and this will increase with length of service, up to a maximum of 38 days (including banks holidays). You also have the option to buy or sell up to five days of annual leave in addition to your allocation.

You can also view some of our other key benefits here.