AWS Security Architect Principal

Job Description – Security Consultancy Principal

Job Details
• Job title: Security Consultancy Principal 

• Reports to (job): Senior Manager 

• Team: Mobile DDOPs- AI & DS 

• Location: UK 

Job Dimensions
• Hours: 37.5 
• No. Direct Reports: 0 
• Career Level: C 

Why BT Group?
BT Group was the world’s first telco and our heritage in the sector is unrivalled. As home to several of the UK’s most recognised and cherished brands – BT, EE, Openreach and Plusnet, we have always played a critical role in creating the future, and we have reached an inflection point in the transformation of our business. 

Over the next two years, we will complete the UK’s largest and most successful digital infrastructure project – connecting more than 25 million premises to full fibre broadband. Together with our heavy investment in 5G, we play a central role in revolutionising how people connect with each other. 

While we are through the most capital-intensive phase of our fibre investment, meaning we can reward our shareholders for their commitment and patience, we are absolutely focused on how we organise ourselves in the best way to serve our customers in the years to come. This includes radical simplification of systems, structures, and processes on a huge scale. Together with our application of AI and technology, we are on a path to creating the UK’s best telco, reimagining the customer experience and relationship with one of this country’s biggest infrastructure companies. 

Change on the scale we will all experience in the coming years is unprecedented. BT Group is disabled to being the driving force behind improving connectivity for millions and there has never been a more exciting time to join a company and leadership team with the skills, experience, creativity, and passion to take this company into a new era. 

Why this job matters
We are looking for a AWS security architect Principal, who will lead on a range of information security, data protection, governance, risk and compliance activities including client assurance, policy compliance, vulnerability management, risk assessments and incident response., you will be responsible for designing and implementing security solution in AI applications, while working closely with cross-functional teams. You goal will be to create and implement solutions that supports group’s security strategies, strategic decision making and align with business objectives - to boost operational efficiency, improve network performance, customer experiences, prevent network problems proactively, and streamline operations. 

What you’ll be doing – your accountabilities
• Leads the development and implementation of the AWS Security strategy, developing and maintaining a current road map including new features and subservices required to meet commercial demand as well as changes to the security landscape, the sector and technologies. 
• Leads the deployment, integration and configuration of the most complex security solutions and enhancements to existing security solutions in accordance with standard best operating procedures. 
• Leads the execution of threat modeling and security assessments, determining security requirements and specifications, and developing security solutions to satisfy design requirements. 
• Leads the provision of information and AWS security advice and guidance to key stakeholders across the BT Group including multiple senior stakeholders. 
• Leads the creation of policy for theAWS Security function relating to the compliance, validation and assessment of major information technology systems, developing and providing security and governance reviews. 
• Leads the design and implementation of information and AWS security controls and change initiatives across the BT Group. 
• Leads the reporting of the status of risk exposure and control maturity against the relevant policies and standards. 
• Operates as an SME in AWS security, providing expertise and analysis in the development of the Business Continuity Management Programme and Disaster Recovery Plan. 
• Ensures product compliance with applicable security standards, group policies and industry best practices. 
• Mentors and coaches experienced professionals to develop current and future team capabilities and ensure performance. 
• Leads the implementation of continuous improvement opportunities to improve AWS security processes. 

The skills you’ll need to succeed
• Security Assessment:
 leads a range of information security, data protection, governance, risk and compliance activities including client assurance, policy compliance, vulnerability management, risk assessments and incident response. 

• DevsecOps:
 Embeds security into CI/CD pipelines through automated testing, secure configuration, vulnerability scanning and continuous security controls. 
• Application Security:
 Implements SSDLC practices, conducts secure code reviews, threat modelling and ensures applications meet security standards. 
• Technical Security Architecture:
 Ensure that the BT Group’s technology systems and data are adequately protected. 
• Solution Design:
 End-to-End technical designs, ensuring that security requirements are successful translated into deliverable solutions, which meet customer needs whilst considering the impact of those solutions on all technical and business areas. 
• Security Governance:
 Establishes and maintains security governance frameworks, ensuring alignment with policies, standards, compliance and risk appetite. 
• Incident Management:
 Ensures that any incidents affecting processes and performances of services or systems are managed appropriately to mitigate risk and minimise disruption. 
• Be agile:
 Takes customer security requirements and assists in the development of an Enterprise Information Security Architecture including interpreting relevant security policies and threat/ risk profiles and applying common architectural frameworks. 
• Certifications:
 Cloud security and architecture certifications in cloud platforms (AWS). 

Leadership accountabilities
• Solution Focused Achiever:  This behaviour sits within the connected to customers part of the Connected Leaders Model. Being a Solution-focused Achiever means that you always deliver your ambitious goals, outcomes and timelines. It also means that you cut through complexity and obstacles to get to the right ethical solution at the right time. 
• Change Agent: This behaviour sits within the connected to people part of the Connected Leaders Model. Being a Change Agent means that you identify, create and lead smooth business changes. It also means that you adapt quickly and perform effectively – even when there’s ambiguity. 
• Team Coach: This behaviour sits within the connected to people part of the Connected Leaders Model. Being a Team Coach means that you coach and develop your people. 

Experience you’d be expected to have
• Leading complex security and assessments with measurable risk reduction outcomes. 
• Implementing DevSecOps practices within modern engineering pipelines, including automated security testing and controls. 
• Designing and governing enterprise‑scale security architectures across multi‑domain technology estates. 
• Delivering secure end‑to‑end solution designs that balance security, operability, performance and business needs. 
• Establishing security governance frameworks aligned to policy, risk, and compliance requirements in regulated environments. 
• Managing complex security incidents, coordinating stakeholders, and driving lessons‑learned and systemic improvements. 
• Working in agile delivery environments, translating security requirements into technical epics, guardrails and acceptance criteria. 
• Hands‑on experience with AWS cloud security architectures, landing zones, guardrails and platform controls backed by certifications. 
• Knowledge of data governance practices to ensure data quality, security, and compliance. 
• Demonstrates a comprehensive understanding of ethical considerations related to artificial intelligence and possesses the capability to develop and implement fair and responsible AI solutions. 
• Research skills to stay up-to-date with the latest trends and continue to learn new techniques. 

Key decisions / Being trusted: Our code

Compliance with all BT Group policies is mandatory and applies to all BT Group employees. Policies can be accessed via the Policy Portal and should be adhered to in-line with Standards of Behaviour Policy & Procedure and the Being trusted: our code.