Security Architect

at  Halfords

The Security Architect will play a pivotal role in ensuring that security is embedded into the design and operation of all products, systems, and processes. This includes providing technical leadership in security architecture, delivering security capability for product launch, and ensuring the ongoing resilience of organisational systems. The role will bridge technical expertise and strategic oversight, addressing gaps in technical security resources to reduce risk and enhance compliance with regulatory and internal standards. This highly collaborative role requires the ability to engage with development teams, project managers, and senior stakeholders, ensuring security is integrated by design from project inception to completion.

KEY SKILLS & EXPERIENCE

• Proven expertise in architecture design, including applications, systems, and underlying security infrastructure (e.g., firewalls).
• Experience designing security architecture within the retail sector (advantageous).
• Recognised, current security certifications (e.g., CISSP, CISM).
• Experience managing operational security activities, including governance and compliance.
• Strong understanding of regulatory and compliance frameworks such as NIST CSF, ISO 27001, and GDPR.
• Demonstrated ability to advise on secure software development practices.
• Demonstrable experience with security technologies and architectures
• Hands-on experience with MS Azure cloud security in complex environments.
• Familiarity with modern security practices, including zero trust, data architecture, and web security.
• Exceptional communication skills, with the ability to effectively engage across all organisational levels.

• Leadership & Strategy:
• 
  
  
  
• Lead the development and implementation of end-to-end cyber security solutions, including architecture design, process creation, and alignment with industry best practices.

• Drive security integration early in the project lifecycle to ensure risks are identified and mitigated proactively.
• Collaborate with senior leadership to embed security into organisational strategy and ensure alignment with business objectives.
• Technical Oversight:
• 
  
  
  
• Provide expert guidance on implementing secure-by-design principles across applications and infrastructure.

• Conduct architectural reviews and ensure security controls are implemented across all systems, with a focus on privacy and compliance.
• Define and oversee security testing requirements, including penetration testing, and provide actionable feedback to stakeholders.
• Operational Excellence:
• 
  
  
  
• Lead, facilitate, and participate in technical steering group meetings, change management processes, and project discussions to ensure security considerations are integrated and addressed effectively throughout the project lifecycle.

• Support the evaluation and integration of third-party vendors, ensuring due diligence and compliance with security standards.
• Oversee BAU processes, including the management of security controls and operational oversight, ensuring security is consistently maintained across critical activities.
• Collaboration & Training:
• 
  
  
  
• Act as a trusted advisor to project managers and development teams, ensuring security considerations are integrated seamlessly.

• Support knowledge transfer and upskilling within the organisation, fostering a culture of security awareness and accountability.