SECURITY ARCHITECT L1(CONTRACT)

City: Reading

State/Province: Berkshire

Posting Start Date: 2/17/26

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading technology services and consulting company focused on building innovative solutions that address clients' most complex digital transformation needs. Leveraging our holistic portfolio of capabilities in consulting, design, engineering, and operations, we help clients realize their boldest ambitions and build future-ready, sustainable businesses. With over 230,000 employees and business partners across 65 countries, we deliver on the promise of helping our customers, colleagues, and communities thrive in an ever-changing world. For additional information, visit us at www.wipro.com.

Job Description:

Job Description

Reading- 2-3 Days a week

Role purpose:
To act as the senior bridge between the Product Owner and Thames Cyber Resilience 3rd party delivery partner to drive the formalisation, socialisation, and embedding of Thames Water's Digital Resilience Strategy and Digital Resilience Target Operating Model (DRTOM). The Cyber resilience engagement lead will shape and deliver the stakeholder engagement strategy, translate supplier outputs into clear, executive ready insights, and orchestrate the governance integration and operating rhythm that enables measurable improvements to Thames Water's digital resilience posture.

Key Responsibilities:

1) Strategy & TOM Enablement

Translate Cyber Resilience 3rd party outputs into Thames ready exec summaries, playbacks, and decision papers.
Co ordinate and co author (with Product Owner & supplier) the Digital Resilience Strategy, linking to Business Resilience and Digital Strategy execution.
Maintain traceability from DRTOM to operating imperatives and regulatory requirements.
Drive monthly governance reviews, roadmap alignment, and portfolio execution inputs.

2) Governance Integration & Operating Rhythm

Stand up and run the Digital Resilience Steering Committee (cadence, papers, actions, templates).
Formalise roles, RACI, and escalation protocols spanning IRR, third party, data integrity, IT/OT, and supplier functions.
Define and land resilience KPIs & dashboards (readiness, recovery confidence, supplier risk, test results, regulatory alignment).

3) Digital Resilience Op-Model Factory (DROF)

Coordinate critical gap identification using Cyber resilience current state findings and dependency maps.
Orchestrate industrialised remediation sprints (backups & recovery validation, configuration hardening, CMDB cleansing).
Set the factory cadence, templates, tooling, action trackers, and evidence packs for audit/regulatory use.
Plan and facilitate scenario based resilience testing and table top exercises (design & facilitation; technical execution by TW teams).

4) Stakeholder Engagement & Comms

Build and execute a senior stakeholder engagement strategy (CIO, CISO, Exec, infrastructure/OT leads, system owners).
Craft clear, concise narratives and visuals for non technical senior audiences.
Deliver targeted briefings/awareness sessions and lead workshops across business/IT/OT.

5) Regulatory Alignment & Reporting

Ensure alignment to NIS, NCSC CAF, ISO 27001, SEMD, and sector specific requirements.
Produce Board & Regulator reporting inputs; maintain evidence logs for audits.
Recommend updates to onboarding templates, change control, and architecture gates to reflect service dependencies.

6) MVB → Bizzdesign Integration Support

Coordinate with Enterprise Architecture to align MVB to business capabilities.
Support pilot mapping, data quality checks, dependency linking, and attributes (criticality, RTO/RPO, restore tests).
Embed into BAU governance (stage gates, ServiceNow triggers, guidance updates).

Deliverables:

Digital Resilience Strategy (PPT) - structure, narrative, exec playbacks.
Updated DRTOM artefacts (PPT/Excel) - roles, RACI, governance integration, process updates.
Scenario playbooks & simulation materials (Word/PPT) - decision trees, workflows, tabletop packs.
KPI & Scorecard Framework (PPT) - metrics, dashboards, and evidence model.
Updated governance artefacts (PPT/Excel) - change control, risk checklists, escalation protocols, BCM docs.
RACI matrix (Excel) - validated through workshops.
Sprint outputs (PPT/Word) - remediation canvases, trackers, control evidence, residual risk.
Summary reports (PPT/Word) - lessons learned, recommendations, roadmap updates.
Board & regulator inputs (PPT) - structured, evidence ready packs.
MVB → Bizzdesign integration - pilot and scale support, data quality checks, BAU integration proposals.

Experience & Skills:
Must have:
10 years in cyber resilience / cyber programme delivery / operating model change in large, regulated enterprises (CNI preferred: water, energy, utilities, transport, healthcare).
Exceptional communication: storytelling, exec decks, clear visuals, concise decision papers.