Enterprise Architect, Operational Security
WPP is the trusted growth partner for the world’s leading brands.
We unite cutting-edge media intelligence and data solutions, world-class creativity, next-generation production, transformative enterprise solutions and expert strategic counsel in a single company – powered by exceptional talent and our agentic marketing platform, WPP Open, to help our clients navigate change, capture opportunity and deliver transformational growth.
We have been building the world's most valuable brands for 50 years and have global reach across 100+ markets, with deep local expertise.
Our people are the key to our success. We're committed to fostering a culture of creativity, belonging and continuous learning, attracting and developing the brightest talent, and providing exciting career opportunities that help our people grow.
For more information, visit WPP.com.
Why we're hiring:
The Enterprise Security Domain Architect at WPP will be a pivotal role, responsible for defining and evolving the security architecture within WPP. This role ensures that WPP's technology landscape is designed with security, resilience, and compliance as fundamental pillars. The architect will bridge the gap between business objectives, regulatory requirements, and technical implementation, specifically focusing on embedding security best practices.
Operating heavily in the Cyber Risk and Compliance function, the role will have a strong Security Operations architecture focus and will be key to ensuring the Security Operations function is successful and effective.
This role offers a unique opportunity to shape the security foundation of one of the world's leading creative transformation companies. You will work on cutting-edge technologies, collaborate with diverse global teams, and directly contribute to protecting WPP's intellectual property, client data, and brand reputation in an evolving digital landscape.
What you'll be doing:
Security Architecture Strategy: Develop, maintain, and communicate the domain-specific security architecture vision, strategy, and roadmap, ensuring alignment with WPP's overall enterprise security strategy and business goals.
Secure Design & Development: Provide expert architectural guidance and oversight for key projects and initiatives within the domain, advocating for secure design principles, patterns, and practices throughout the software development lifecycle.
Compliance & Governance: Ensure that architectural designs and implementations adhere to relevant regulatory compliance frameworks (e.g., GDPR, CCPA, ISO 27001) and internal security policies. Participate in security audits and assessments, translating findings into actionable architectural improvements.
Threat & Risk Management: Conduct architectural risk assessments and threat modelling within the domain, identifying potential vulnerabilities and recommending appropriate mitigating controls. Integrate risk management practices into architectural decision-making.
Cybersecurity Integration: Embed advanced cybersecurity concepts, technologies, and best practices (e.g., identity and access management, data protection, network security, incident response capabilities) into the domain's architecture.
Standards & Patterns: Define and promote security architecture standards, guidelines, and reusable patterns for the domain to foster consistency, efficiency, and robustness across solutions. Create associated designs and artefacts as the requirement arises.
Stakeholder Collaboration: Work closely with other Enterprise Architects, Security Operations, CISO office, Development Teams, Product Owners, and Legal/Compliance to translate security requirements into technical solutions and gain consensus on solutions and architectural direction.
Technology Evaluation: Research, evaluate, and recommend new security technologies and architectural approaches that can enhance the security posture and efficiency of the domain.
Documentation & Communication: Create clear, concise, and comprehensive security architecture documentation, including diagrams, principles, and decision records. Effectively communicate complex security concepts to technical and non-technical audiences.
Security Solution Architecture: When required, form, lead and contribute to successful deliver of specific security solutions and workstreams.
What you'll need:
- Bachelors\master’s degree in computer science, Information Security, or a related field.
- Relevant industry certifications such as CISSP, CISM, SABSA, TOGAF, or CCSP are highly desirable.
- Architectural Expertise: Proven experience (X+ years) as an Enterprise Architect, Domain Architect, or Security Architect in a large, complex enterprise environment, preferably within the advertising, media, or professional services industry.
- Security Frameworks: Deep understanding and practical experience with security architecture frameworks (e.g., NIST, SABSA, TOGAF-ADM with security overlays) and industry best practices.
- Cybersecurity Knowledge: Strong understanding of contemporary cybersecurity threats, attack vectors, and defence mechanisms. Experience with various security domains including application security, infrastructure security, data security, cloud security (AWS, Azure, GCP), and identity management.
- Compliance Acumen: Solid knowledge of data privacy regulations (e.g., GDPR, CCPA) and other relevant industry compliance standards (e.g., ISO 27001, SOC 2).
- Risk Management: Demonstrated ability to perform security risk analysis, articulate risks to stakeholders, and propose effective architectural mitigations.
- Analytical & Problem-Solving: Exceptional analytical skills to decompose complex security challenges into manageable architectural solutions.
- Communication & Influence: Excellent verbal and written communication skills, with the ability to influence technical teams and senior leadership on security architectural direction.
- Technical Acumen: Hands-on experience with security tools and technologies is a plus, enabling informed architectural decisions.
Who you are:
You're open: We are inclusive and collaborative; we encourage the free exchange of ideas; we respect and celebrate diverse views. We are open-minded: to new ideas, new partnerships, new ways of working.
You're optimistic: We believe in the power of creativity, technology and talent to create brighter futures or our people, our clients and our communities. We approach all that we do with conviction: to try the new and to seek the unexpected.
You're extraordinary: we are stronger together: through collaboration we achieve the amazing. We are creative leaders and pioneers of our industry; we provide extraordinary every day.
What we'll give you:
Passionate, inspired people – We aim to create a culture in which people can do extraordinary work.
Scale and opportunity – We offer the opportunity to create, influence and complete projects at a scale that is unparalleled in the industry.
Challenging and stimulating work – Unique work and the opportunity to join a group of creative problem solvers. Are you up for the challenge?
#LI-Hybrid
We believe the best work happens when we're together, fostering creativity, collaboration, and connection. That's why we’ve adopted a hybrid approach, with teams in the office around four days a week. If you require accommodations or flexibility, please discuss this with the hiring team during the interview process.
WPP is an equal opportunity employer and considers applicants for all positions without discrimination or regard to particular characteristics. We are committed to fostering a culture of respect in which everyone feels they belong and has the same opportunities to progress in their careers.
