Job Description

JOB TITLE:

Enterprise Security Architect

LOCATION:

Cambridge

SUMMARY OF POST:
The Enterprise Security Architect is a global role that will provide
leadership as well as in-depth expertise in all of the security policy
aspects surrounding the design, implementation and operation of
Information Technology solutions at the Press.
Through providing proactive recommendations, standards, policies and
security compliance assessments, the Enterprise Architect will
maintain the Press high standards for protecting the confidentiality,
availability and integrity of information assets. The ESA will also have
the opportunity to work on general enterprise architecture projects.
KEY ACCOUNTABILITIES:
On an ongoing basis, recommend and enable programmes of
practical and achievable security measures that lower the Press
exposure to security threats
Produce high quality documentation that communicate the security
measures needed and the benefits behind them
Produce high quality technical assessments, with metrics, of existing
security measures, identifying weaknesses, the risk they pose and
the recommended corrective actions
Promote cooperation with and between the various IT and business
stakeholders
To identify and make best use of opportunities for collaborative
working with technical and business teams
To assist the Chief Architect with the implementation of the roadmap
of strategic system changes across the Press

Enterprise Security Architect May 2014

 To use consulting and analytic skills and information gathering

techniques to investigate logical and physical solution architectures
that span corporate IT systems
To support application software development by collaborating with
the software development teams and promoting best practice
software development procedures
To keep yourself informed and up to date in your areas of expertise
and to actively share your knowledge with other colleagues
ADDITIONAL DUTIES:
To carry out any other duties which might be reasonably expected of
you by your immediate manager or a director.
PRESS POLICIES AND PROCEDURES:
To abide by all Press policies and procedures, as detailed in your
contract of employment and the Staff Handbook, e.g. Code of ethics,
anti-bribery and corruption, Health and Safety, e-mail and Internet use
and standards of behaviour.

Postholders
name:
.Date..

Signature

Managers
.Date..

name:.Signature

Directors
..Signature..Date..

Enterprise Security Architect May 2014

name:

Person Specification

JOB TITLE:

Enterprise Security Architect

LOCATION:

Cambridge

Essential

Desirable

Strong understanding of modern IT

security threats

Experience of working within a

book or journal publishing
environment

Knowledge of IT security
frameworks and methodologies
Knowledge of IT security related
software solutions, including
identity management
Good interpersonal and
communications skills
Experience of a broad array of
different technologies
Ability to document processes and
procedures clearly, concisely, and
for a range of target audiences

CISSP or similar IT Security

certification
Experience of database systems
MS SQL Server, MySQL, Oracle
etc.
Experience of J2EE application
servers and other web servers
Experience with SAP
Working knowledge of UML &
BPMN
TOGAF qualifications

Good organisational skills with the

ability to work to deadlines with
speed and accuracy

Experience of SAP/ASAP
methodology
ISEB Business Analysis
Qualifications
2 or more years experience of a
web application development
environment with experience of
some or all of the following:
J2ee, PHP, Javascript/JSON and

Enterprise Security Architect May 2014

web-service knowledge

Enterprise Security Architect May 2014