Company Description

Inmarsat has been at the forefront of global mobile satellite communications for over forty years, and is the market leading provider of voice and high-speed data communications for users on land, at sea and in the air through its constellation of 14 geostationary satellites.  Inmarsat is a privately owned company with a profitable track record and significant growth aspirations. This is represented by more than 55 nationalities in the workforce, reflecting the global and dynamic nature of the business. With an investment of over $3 billion in its latest network infrastructure, Inmarsat is at the forefront of global mobile communications innovation.

Chief Operations Office 

Inmarsat’s Chief Operations Office (COO) plays a vital role managing the services that keep our business running and delivering to our customers. COO consists of 9 functions including: Satellite Operations, Network Operations, Service Assurance, Service Delivery Aviation and Customer Assurance, Service Delivery and Supply Chain, Project Management Office, Global Cyber Security and Group IT

Job Description

Primary role purpose:

As Inmarsat continues to mature our internal technology stack, and develop commercial cyber security products and services, we recognize the value of formal information security architecture & engineering processes as key enablers of such activities. It is the planning process that provides the models, templates and principles that are used to design, implement and operate cyber and information security solutions. It enables consistency, leverage and reuse to satisfy the business requirements for security services in an optimum manner.

The security architect plays an integral role in defining and assessing the organization's security strategy, architecture and practices. The security architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services. 
The role of the information security architect demands business insight; technical acuity; and the ability to think, communicate and write at various levels of abstraction. 

Key Responsibilities: 

• Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology, threat and customer drivers
• Develop security strategy plans and roadmaps based on sound enterprise architecture practices
• Develop and maintain security architecture artifacts (e.g., models, templates, standards, patterns & procedures) that can be used to leverage security capabilities in projects and operations
• Track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in security strategy plans and architecture artifacts
• Participate in application and infrastructure projects, and commercial product/service development activities to provide security design and consultancy advice
• Draft security procedures and standards to be reviewed and approved
• Determine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, identity and access management (IAM) and cyber products and services
• Develop standards and practices for data encryption and tokenization in the organization, based on the organization's data classification criteria
• Conduct or facilitate threat modelling of services and applications that tie to the risk, data and industry drivers associated with the service or application
• Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
• Validate security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems for both internal and commercial utilisation
• Review network segmentation to ensure least privilege for network access
• Liaise with the Procurement team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data:   o Software as a service (SaaS) providers    o Cloud / infrastructure as a service (IaaS) providers    o Managed service providers (MSPs)    o Payroll providers
• Evaluate the statements of work (SOWs) for these providers to ensure that adequate security protections are in place. Assess the providers' SSAE 16 SOC 1 and SOC 2 audit reports (or alternative sources) for security-related deficiencies and required "user controls" and report any findings to the Director, Security Engineering and Procurement teams
• Support the testing and validation of internal and commercial security controls, as directed by the Director, Security Engineering
• Review security technologies, tools and services, and make recommendations to the broader security and product development teams for their use, based on security, financial, operational and commercial metrics
• Liaise with other security architects and security practitioners to share best practices and insights

Qualifications

Essential Knowledge and Skills: 

• A bachelor's or master's degree or equivalent in computer science, information systems or other related field; or equivalent work experience is desired
• Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is desired
• Formal training in a relevant enterprise architecture methodology (for example, the Zachman Framework or TOGAF)
• Combined IT and security work experience, with a broad exposure to infrastructure/network and multiplatform environments
• Expert knowledge of security issues, techniques and implications across all existing computer platforms, including datacenter, networks, cloud (IaaS/PaaS/SaaS), micro-services and emerging/maturing technology platforms 
• Experience in using an enterprise architecture methodology (for example, Zachman, TOGAF and Gartner frameworks)
• Knowledge of a security-specific architecture methodology (for example, SABSA).
• Proven ability in security process and organizational design
• Knowledge or exposure to Cloud technologies, such as IaaS, SaaS & PaaS deployments, with detailed knowledge of Azure & AWS being highly desirable
• Experience or exposure to projects involving the UK MoD and/or HMG Standards
• Demonstrable experience of working as a Security Architect  
• Must be eligible to work in this location advertised
• Individuals with SC clearance or are eligible to apply for SC are highly desirable 

Additional Information

You must be eligible to work in this location advertised.

Inmarsat Values: 

Our values define Inmarsat’s culture and represent what we believe in. Inmarsat employees aspire to certain behaviours which support our corporate values, they create a stronger working environment and lie at the heart of our continued success as an organisation.

• Accountability – taking ownership, getting results and keeping our promises
• Respect – collaborating, embracing diversity and valuing differences
• Excellence – creating bold solutions for our customers and putting quality at the heart of everything we do