About
The NHSBSA values and respects the diversity of its employees, and aims to recruit a workforce which reflects our diverse communities. We welcome applications irrespective of people’s age, disability, gender, race or ethnicity, religion or belief, sexual orientation, or other personal circumstances.
We have policies and procedures in place to ensure that all applicants are treated fairly and consistently at every stage of the recruitment process, including an invitation to the first stage of the selection process and consideration of reasonable adjustments for people who have a disability.
The NHSBSA will not normally re-engage a former employee in any capacity including in a self-employed/consultancy capacity; through an agency; in a temporary or permanent post or to a supply list, for a period of 12 months after the redundancy date.
Contact
- Address: NHS Business Services Authority, Stella House, Goldcrest Way, Newburn Riverside, Newcastle Upon Tyne, Tyne and Wear, NE15 8NY
- Contact Number: 0191 283 8950
Enterprise Security Architect
Accepting applications until: 04-Jun-2025 23:59
Vacancy status: Open
Key details
Location
- Site: Stella House
- Address: Goldcrest Way
- Town: Newcastle upon Tyne
- Postcode: NE15 8NY
- Major / Minor Region: Tyne and Wear
Contract type & working pattern
- Contract: Permanent
- Hours: Full time, Flexible working
Salary
- Salary: £74,290 - £85,601 per annum
- Salary period: Yearly
- Grade: (NHS AfC: Band 8c)
Specialty
- Main area: Enterprise Security Architecture
Job overview
The Enterprise Security Architect within the NHSBSA Security Architecture team is a pivotal role responsible for defining the security architecture strategy and directing security solutions for applications, information, and infrastructure. This role is crucial as the NHSBSA transforms its IT systems to better support the business.
We are looking for the following:
- Experience: Substantial experience in security architecture and strategic leadership.
- Skills: Ability to rationalise complex technical information and make it understandable for others.
- Autonomy: Exercise substantial personal responsibility and autonomy in planning team workloads.
- Travel: Willingness to travel across NHSBSA locations as required.
What do we offer?
• 27 days leave (increasing with length of service) plus 8 bank holidays
• Flexible working (we are happy to discuss options such as compressed hours)
• Flexi time
• Hybrid working model (we are currently working largely remotely)
• Career development
• Active wellbeing and inclusion networks
• Excellent pension (20.6% employer contribution)
• NHS Car lease scheme
• Access to a wide range of benefits and high street discounts!
Advert
Key Responsibilities:
- Leadership: Provide strategic leadership for the Security Architecture function within the DDaT department.
- Team Management: Manage the security architecture team and oversee key deliverables related to security architecture and posture.
- Consultancy: Offer advice, guidance, and consultancy on new and existing IT solutions, leveraging emerging technologies.
- Collaboration: Work collaboratively with Heads of Service and Senior Managers to ensure effective delivery of products and services.
- Communication: Demonstrate excellent communication skills, influencing various stakeholders including customers, suppliers, and partners.
- Stakeholder Engagement: Facilitate collaborative approaches, prioritize requirements, and optimize resource utilization.
- Technical Expertise: Advise on standards, methods, tools, and applications to deliver optimal solutions.
- Blueprint Management: Control IT Security Blueprints, defining end state architecture, current state, and transition roadmaps.
- Roadmap Execution: Support the creation and execution of technology and service roadmaps, driving the transition to cloud technology and decommissioning legacy systems.
Working for our organisation
Here at the NHS Business Services Authority (NHSBSA), what we do matters.
We manage the NHS Pension scheme, process prescription payments and much more. Our services are used by NHS organisations, contractors and the public: we’re proud to be part of something meaningful, that touches millions of lives.
We design our services around customer needs and place people at the heart of our organisation. That’s why when you join us, you’ll be empowered and supported to help your career grow.
As one of the UK’s Best Big Companies to work for, we’re connected to our values: Collaborative, Adventurous, Reliable and Energetic. We care about our people, our purpose, and your progress.
We strive to offer a fantastic colleague experience, where every colleague is heard, supported and respected. Wellbeing, diversity and inclusion is at the centre of this, and you can join our Lived Experience Networks who help us bring our authentic selves to work.
We’re committed to being a flexible employer and we try to offer a working pattern that suits you where possible, through hybrid working, flexible hours and more.
Alongside a competitive salary with pay progression, we offer a people-centric benefits package, connecting you to the rewards and benefits you value most!
Ready to join us in delivering business service excellence to the NHS, helping people live longer, healthier lives? Apply today and see where the NHSBSA can take you.
We are people connected to care.
Detailed job description and main responsibilities
In this role, you are accountable for:
1. Take a holistic approach to design, develop a re-use approach as much as possible and have ownership across the BSA for Information Technology security architectural standards, project or programme IT architecture, leading a team of security architects
2. Making high level strategic decisions to define “to-be” security architecture and to develop full technical solutions designs including preparation of technical artefacts, and blueprints, providing a high-quality security proposal for submission into internal and external business cases and assessments.
3. Establishing a team with clear roles and responsibilities for developing and maintaining our Security Architecture requirements and capabilities to deliver on the strategic direction and “to-be” architecture in line with best practice and required standards. Ongoing management of staff including all line management responsibilities, performance management including embedding GROW, appraisals, disciplinary, and standard HR processes for Security Architecture.
4. Working across/within different programmes and across different layers of architecture as needed and to translate business security requirements into IT services, solutions, investment and migration roadmap. Responsible for ensuring ongoing security improvement projects, their outputs and recommendations are appropriately managed in line with defined project timescales and milestones.
5. Taking a lead role to identify and share good security practices, participating in relevant communities of practice to drive adoption of design standards, trends and patterns.
6. Undertake and lead on investigative analysis within multidisciplinary teams, providing technical authority, making credible and practical technical decisions, communicating these with sensitivity and diplomacy to ensure the right technical direction is followed.
7. Take ownership of particular areas of the business service, project or programme IT security architecture and ensure consistency with the Enterprise Architecture, HMG Security Strategy, HMG Digital Strategy and DH Digital Strategy and provides input into IT Strategy.
8. Research emerging tools and technology trends within and outside the NHS and ensure our technologies are appropriately aligned, applying the knowledge gained to be bold and innovative in approaching solutions, to assess potential value and identifying opportunities to enhance security capabilities for products and services used within the organisation.
9. Responsible for the security blueprint solutions for complex protective and vulnerability security management of both physical and data assets clearly defining the as-is and to-be security architectures and document the transition to the to-be solution and its integration in the overall Enterprise and Security Architecture blueprints.
10. Responsible for prioritising and planning own and team’s workload for projects and programmes proposed and/or underway.
11. Responsibility for contributing to budget management processes in accordance with NHSBSA’s policies, standing orders, financial regulations and legislative requirements.
12. Leading on strategic procurement of hardware and software for various areas of the organisation, including selecting suppliers, accountability for delivery of quality outputs, meeting delivery timescales. Giving full consideration to cost, specification, maintenance and support to ensure the overall needs of the business are met from an ICT Security Strategy perspective, and that they are aligned with the business and ICT strategic directions
13. To work with NHSBSA staff and Third Parties to ensure that security policy, standards, governance and processes are in place for producing and maintaining up to date, comprehensive, comprehensible documentation which will include IT service security “blueprints” for all systems and services.
14. Identify opportunities, engaging and fostering relationships and partnership working within the organisation, and with third parties, to identify and deliver value to the organisation.
15. Work with organisations external to the NHSBSA (e.g. the DHSC and GDS) when necessary to assist in clarifying their needs and requirements and be capable of devising options for security solutions, along with full assessment and cost estimation.
16. Handles sensitive commercial & financial information, ensuring that the security solution architectural designs adhere to relevant legislation and standards including for example, Information Security, NHS Confidentiality and Data Protection legislation.
17. Implement, monitor and report on several areas including agreed service levels, KPIs and standards within security architecture.
18. Operate as an SME and point of authority on security architecture, making credible, pragmatic and practical security decisions and communicate with sensitivity and diplomacy to ensure the right technical direction is followed and to guide the business to make the best use of its existing IT where appropriate and to make recommendation about what other IT assets it needs to invest in.
19. To demonstrate creativity and innovation in applying IT solutions and services to develop and improve services and quality for the benefit of the organization and/or the end user of technology services. This includes devising and managing security initiatives to enable exploitation of digital services, capacity, performance, and system availability improvements that ensure business targets are met or exceeded and legacy services decommissioned, whilst ensuring data security and controlled access to data.
20. Responsible for providing expert help and guidance across the lifecycle of a security solution implementation, including technical and non-technical aspects. This includes the migration of services across suppliers and working closely with Technical Architects, ensuring the solution and service design is successfully translated, built, delivered and operated to meet security and business requirements.
21. Input into workforce planning, ensuring required operational commitments are fully met, business change is estimated, prioritised, and delivered, resourcing issues are identified, mitigated and managed to deliver business value.
22. Manage, and input into the development and implementation of approaches, strategies, policies, standards and practices across the team, ensuring and monitoring the timely delivery of business objectives within budget through the management of projects and programmes.
23. To identify and interpret DHSC, GDS, local and national security policy changes and directives, and assess the impact on IT Infrastructure and surrounding processes, including influencing policy information within own security specialism.
24. Produce and deliver in depth reports and/or presentations to NHSBSA, HMG or DHSC stakeholder’s staff and external parties, on any aspect of the work delivered.
In addition to the above accountabilities, as post holder you are expected to:
1. Undertake additional duties and responsibilities in line with the overall purpose of your role and as agreed by your line manager.
2. Demonstrate NHSBSA values and core capabilities in all aspects of your work.
3. Foster an environment where your own and colleagues’ safety and well-being is promoted.
4. Contribute to a culture which values diversity and inclusion.
5. Comply with NHSBSA policies, procedures and protocols as they apply to your role.
6. Have SC clearance or be willing to undergo clearance following appointment to post.
The NHSBSA is passionate about creating a diverse and inclusive organisation, which is a great place to work and truly reflects the diversity of our customers. We welcome applications from talented people of diverse characteristics including age, disability, gender identity and expression, race or ethnicity, religion or belief, sexual orientation, or any marginalised group. We also welcome applications from all those in the Armed Forces Community.
At the NHSBSA we pride ourselves on being a Disability Confident Leader, Stonewall Top 100 employer and we’ve recently been awarded the Employers Network for Equality and Inclusion Gold Standard benchmark.
We offer an invitation to the first stage of the selection process for people with disabilities that wish to be considered under the Disability Confident scheme, and for members of the Armed Forces Community, where all of the essential criteria in the person specification are met.
A copy of our Privacy Notice is available to view at the link below:
Person specification
Personal Qualities, Knowledge and Skills
Essential criteria
- 1. Business change, rationalisation and transformation and implementation of strategic approaches, plans, activities and solutions.
- 2. Evaluation, interpretation, translation and communication of complex data/information from multiple sources and requirements to inform decision making.
- 3. Design of cost effective and scalable enterprise solutions, from development through to implementation in a multi-supplier environment.
- 4. Proven experience in developing and implementing security solution and enterprise architecture and design strategies in a multi supplier environment.
- 5. Proven ability to undertake detailed security analysis of technical designs and provide the business with security assurance of supplier designs and proposals.
- 6. Broad technical knowledge covering web applications and services, information, infrastructure, cloud and managed service architectures. Knowledge of GDS Principles, NCSC guidance and familiarity with the requirements of the Government Security Classifications and NHS DSPT.
  - Knowledge, and ideally experience, of emerging security technologies to mainstream business, such as Vulnerability management, Secure Baseline configuration, Logging and monitoring, Incident response, Security Analytics, Identity access management
- 7. Experience of effective stakeholder management
Desirable criteria
- 1. Enterprise architecture components and frameworks experience such as TOGAF, SABSA.
- 2. Recent and demonstrable Team and Line Management experience
- 3. A variety of approaches to hosted solutions and data centres including co-Location (and integration into Service Management models)
- 4. Working to GDS Principles and/or having participated in GDS assessments
Experience
Essential criteria
- 1. Engaging and building relationships with a range of stakeholders to support delivery of business outcomes
- 2. Creatively interpreting strategy and translating emerging trends and technologies to design innovative security solutions and controls which benefit the organisation, reducing risk and enabling opportunity.
- 3. Complex system, information and security solution design.
- 4. Developing and implementing security solution and enterprise architecture and design strategies in a multi supplier environment
- 5. Comprehensive and recent experience in architecting security solutions in high-volume digital services
- 6. Demonstrate detailed understanding of the security implications and appropriate security controls of hosting sensitive information in large scale UK Cloud based cloud infrastructure environments
- 7. Ability to demonstrate a deep knowledge of security and privacy risks and threats along with a strong understanding of key considerations such as confidentiality, availability, integrity, non-repudiation and privacy.
- 8. HMG cyber security policy, such as, NCSC guidance, Technology codes of practice and minimum-security standards
Desirable criteria
- 1. Transition of legacy services into digital cloud-based solutions
- 2. Team and Line Management, including staff development
- 3. Open source and cloud technologies and their sourcing.
- 4. Experience of migrating services across different Data Centre locations and legacy application consolidation
- 5. Solution and service design and delivery within an Agile development environment.
- 6. Hosted solutions, services and data centres including co-Location (and integration into SIAM Service Management models)
Qualifications
Essential criteria
- An IT related degree or equivalent
- Industry Recognised Qualifications e.g. CISSP, CISMP, CCP, ISO 27001 implementer, plus significant demonstrable experience in two of the following:
  - a. IT Security Architecture, working in several complementary security roles
  - b. System and Service Architecture Design
- OR
- Significant demonstrable experience in at least three of the following:
  - a. IT Security Architecture
  - b. HMG Information Standards and best practice
  - c. Working in several complementary security roles
  - d. System and Service Architecture Design
  - e. Management of a significant ICT implementation
Desirable criteria
- 1. Postgraduate level qualification in a relevant technical discipline or relevant equivalent experience
- 2. TOGAF/SABSA Certification or equivalent, or willing to work towards this certification
- 3. CESG Certified Professional (CCP) Senior IA Architect
- 4. Experience of working in an agile environment and experience with agile methodologies such as Scrum, Kanban
- 5. ITIL Certification
- 6. ISO27001 Implementer/ Auditor
Further details / informal visits contact
- Name: Tony Burgess
- Job title: Head of Cyber Security & Infrastructure Services
- Email address: [email protected]
- Telephone number: 07770 231925