- Developing relationships within ITSD, with focus on close collaboration with the Security Engineering function.
- Establishing strong relationships with IT stakeholders to understand their challenges and upcoming requirements.
- Making meaningful contributions to and helping ITSD management execute on our strategy.
- Developing skills within the wider team.
leading Financial bank
- Refresh and maintain the security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and risk drivers.
- Develop and maintain security architecture artefacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations.
- Align to the latest developments and changes in both the security industry and the business environment to ensure security architecture becomes an enabler (current business focus is modern agile development and cloud).
- Participate in application and infrastructure projects, to provide the input of a trusted advisor and identify risks early in the lifecycle.
- Represent security at appropriate formal meetings (i.e. change management meetings).
- Refresh baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, and identity and access management (IAM).
- Influence and co-ordinate with new teams across IT (i.e. DevSecOps and Cloud teams) to advocate and embed good security practices.
- Validate IT designs for security best practices and recommend changes to enhance security and reduce risks, where applicable.
- Liaise with the internal audit (IA) team to review and evaluate the design and operational effectiveness of security-related controls.
- Support the testing and validation of internal security controls, as directed by the ITSD management or the internal audit team.
- Review security technologies, tools and services, and make recommendations to the broader security team for their use, based on security, financial and operational metrics.
- Strong technical background and demonstrable experience in at least two of the following areas: Application Security, Cloud Security, Infrastructure Security.
- Experience of contributing to or developing a multi-year strategy in a technical security domain.
- Experience of driving change in large organisations.
- Good stakeholder management and influencing skills.
- Excellent inter-personal communication skills, able to liaise with all levels of the business across all regions including key stakeholders and senior management.
- Experience of creating and delivering presentations and concise writing skills to produce clear documentation (policy, reports).
- Strong team skills, with specific focus on mentoring junior team members.
- Degree in relevant field or equivalent professional/industry certifications / experience
- The Lead Security Architect is a key resource within ITSD providing technical security direction to IT and the business.
- The role holder must be able to keep up with security matters relating to emerging domains. Current key areas are application and cloud security, in addition to traditional infrastructure.
- The role holder will be responsible for developing scalable, reusable architectural models.
- The role holder will need to have strong stakeholder management skills combined with a strong technical background, to enable cross-team and cross-region collaboration.
competitive day rate