Mid Security Architect

Life Unlimited. At Smith+Nephew we design and manufacture technology that takes the limits off living.

At Smith+Nephew we are looking for: Mid Security Architect

Reporting into the Director Information & Cyber Security Architecture, the candidate will lead technical projects across a range of platforms delivering solutions based on the company portfolio.

The candidate will have direct responsibility for designing secure architecture and implementation of projects using BAU service teams with some requirement for first-hand involvement.

The candidate will have demonstrable experience of leading large, complex IT service projects, including IT outsource service transition and transformation.

What will you be doing?

• Develop and maintain enterprise security standards, policies, and tooling aligned with ISO, SOX, HIPAA, and global data protection regulations.
• Collaborate with cross-functional teams and projects to integrate secure architecture principles into solution design, identify risks, and drive remediation strategies.
• Lead security initiatives such as RFP creation, vendor evaluations (POVs), penetration testing (infra & app), and the implementation of secure design practices.
• Design and implement technical security solutions based on industry frameworks like CIS, NIST, and Cloud Security Alliance (CSA), tailored to our cloud environment.
• Support the development and transition of projects into production, ensuring robust security monitoring and controls are in place.
• Produce comprehensive security assessment reports and provide expert guidance to development and operations teams on mitigating identified risks.
• Assist in the selection, configuration, and troubleshooting of security infrastructure tools, and help automate repetitive security tasks.

What will you need to be successful?

• Proven experience in enterprise security, with strong knowledge of operating systems (Windows, Linux), networks (including Palo Alto firewalls), cloud platforms (Azure/AWS), and security tooling across IT and OT environments.
• Solid understanding of core security technologies such as SIEM, WAF, IDS/IPS, and a strong grasp of secure architecture principles including “Secure by Design” and risk management practices.
• Hands-on experience implementing and administering security controls for on-premises and cloud infrastructure, including identity access, network security, and endpoint protection.
• Strong scripting and automation skills (e.g., PowerShell, Python, APIs), and the ability to extract, parse, and manipulate data across formats (CSV, Syslog, JSON, etc.) to support security operations.
• Relevant certifications such as CISSP, CCSP, SANS, TOGAF, or cloud-specific security credentials (Azure/AWS), and a deep understanding of standards including ISO27001, SOX, HIPAA, and GDPR.
• Strong collaboration and communication skills, with experience working across multi-disciplinary teams, vendor environments, and project lifecycles to deliver secure, scalable solutions.
• Analytical mindset with high attention to detail, a flexible approach to technical challenges, and the ability to assess risks, drive innovation, and support ongoing security enhancements.

You. Unlimited.

We believe in creating the greatest good for society. Our strongest investments are in our people and the patients we serve.

Inclusion, Diversity and Equity: Committed to Welcoming, Celebrating and Thriving on Diversity, Learn more about our Employee Inclusion Groups on our website

Your Future: annual bonus, life insurance, company stock saving plan

Work/Life Balance: paid volunteering hours, flexible approach

Your Wellbeing: private health care with dental care package, multisport card/my benefit platform

Flexibility: possibility of working in hybrid model

Training: Hands-On, Team-Customized, subsidies for language classes, certifications and postgraduate studies

Extra Perks: referral bonus, recognition program, mentoring program

#LI-GG1

#LI-HYBRID