Reporting to: Delivery Team Leader (Cyber Fusion Centre)
Location: York (UK) or Lisbon (Portugal)
Type: Permanent
Band: II
Company Description Hiscox is a diversified international insurance group with a powerful brand, strong balance sheet, and plenty of room to grow. Listed on the London Stock Exchange and headquartered in Bermuda, Hiscox has over 3,000 staff across 14 countries and 34 offices.
Structured by geography and product, Hiscox's long-held business strategy has helped them grow from a niche Lloyd's underwriter to an international insurance group with a powerful and trusted consumer brand.
The Role The Cyber Security Architect works in our Cyber Fusion Centre, responsible for ensuring the safety and security of our business assets and interests. You will design, build, and implement security solutions to protect us against sophisticated cyber threats. You will translate business needs into security requirements, ensuring that systems and data are protected from unauthorized access and potential breaches.
You will work closely with our Red and Blue Teams to identify vulnerabilities and control gaps, turning these into a pipeline of continuous improvement for our cyber defenses. You will collaborate directly with our Cyber Security Engineers to design, build, implement, and maintain the security controls needed to manage our cyber risks. Engagement with project delivery teams from across our business will be essential, providing expert security advice and guidance in support of their objectives. You should have experience working with various architecture and delivery methods, a strong technical background, and the ability to work in a high-paced operational environment.
Key Responsibilities Gather, analyse and prioritise requirements for security architecture and systems design.Develop and maintain a robust roadmap of security controls based on agreed objectives and priorities.Evaluate current security measures, analyse vulnerabilities and control gaps, and recommend improvements to mitigate risks.Perform technical risk and control assessments in support of the overall risk management lifecycle.Design and implement operational security capabilities, measuring the effectiveness of controls over their entire lifecycle.Support the development and maintenance of technical security policies, standards, and processes.Research emerging cyber security trends, threats, and technologies that can be used to improve our security posture.Define and govern delivery pipelines and plans to ensure controls are delivered on time and within budget.Support the development and maintenance of the security engagement model.Maintain detailed documentation relating to security systems design, including traceability to the requirements and any control assurance evidence.Ensure compliance with all relevant statutory and regulatory security commitments.Support the incident response lifecycle with the design and implementation of measures to contain the impact of a breach and prevent future incidents.Deliver education and training initiatives to raise awareness of cybersecurity, cultivating a secure by design culture across our business.Provide technical expertise and support to a team of security engineers and analysts.Candidate Profile 5+ years experience in a security architecture or security operations role.Excellent working knowledge of capability-oriented security architecture and design.Excellent working knowledge of Agile delivery methods, including DevSecOps models.Excellent working knowledge of requirements analysis and systems engineering.Excellent analytical skills with the ability to work under own initiative.Proven experience in governing and delivering security projects.Comprehensive knowledge of the latest tactics, techniques, and procedures and how to mitigate.Comprehensive working knowledge of commonly used security technologies.Good presentation and technical design writing skills.BSc or MSc in Cybersecurity is desirable.Cybersecurity architecture qualifications from bodies such as SANS, CREST, and ISC2 are desirable.Industry-recognized vendor certifications in security technologies are desirable.Diversity & Benefits At Hiscox, we care about our people. We hire the best people for the job and are committed to diversity and creating a truly inclusive culture, which we believe drives success.
Working life doesn't always have to be in the office, so we have introduced hybrid working to encourage a healthy work-life balance. This hybrid working model is set by the team rather than the business to enable you to manage your own personal work-life balance.
Our benefits package includes a bonus, contributory pension, 25 days annual leave plus 2 Hiscox days, a 4-week paid sabbatical with every 5 years of service, private medical for all the family, and much more.
Work with amazing people and be part of a unique culture. If you want to help build a brilliant future; work with amazing people; be part of a unique company culture; and enjoy great employee benefits that take care of your mental and physical well-being, come and join us.
Get in touchIf this is your first time visiting our career site and you wish to stay in touch, please select the 'Introduce yourself' button on the top right. This will allow us to contact you with suitable vacancies. If you are a returning prospect and wish to view our current vacancies, please Search for Jobs using the link on the top right.
About usWe're a global, specialist insurer headquartered in Bermuda and listed on the London Stock Exchange. With 3,000 employees and 32 offices in 12 countries, we're a business with lots of opportunity for people with talent, spark, and ambition. If you want to build a great career with a company that prioritizes strong values – such as integrity and courage – where our people always pull together to do the right thing for each other and our customers, then we'd love to hear from you.
#J-18808-Ljbffr