London, United Kingdom
North Starr are delighted to be working with a global financial services organisation in a greenfield role reporting in to the CISO. An excellent opportunity is on offer to drive the security architecture pillar within the information security team. The successful candidate will have the automomy and authority to really make a difference.
Purpose of the role
The management of all Information Security Architecture related activities within the Information Security team. This role is suited to a very technically capable information security architect with a proven track record for delivering technically complex solution designs within a busy and fast paced financial services sector organisation.
- The candidate will be responsible for the day to day information security architecture activities across business, technology, and security driven projects.
- The candidate should have extensive exposure to previous security architecture type roles and possess a strong security engineering and technology engineering acumen.
- The candidate must be capable of working alone through the security architecture design and delivery phases of critical technology and business processing systems.
- The candidate must be capable of working in a pragmatic manner with other design authority stakeholders.
- The candidate must have a demonstrable technical background covering all security control subjects.
- Technical security strategy and design will be a major part of this management role within InfoSec.
- Provides in-depth guidance and steerage regarding security strategy and requirements.
- Reviews and approves all proposed technology and architectural solutions / designs.
- Creates and proposes in-depth security solution designs, standards, procedures, and baselines in support of technology, InfoSec, and business side initiatives.
- Risk assessment of all undertaken projects and initiatives.
- The stakeholder management necessary to achieve acceptance and approval for security solution designs.
- The security architecture subject matter expert for all project stakeholders.
- Responsible for mapping and documenting the security controls of the global technology estate.
- Controls and designs gap analysis, identifying flaws or weaknesses and proposing plans for remediation of any flaws.
- Stays abreast of the cyber threat landscape specific to Man Group and proposes adjustments in controls accordingly.
- Will work with the CISO and broader InfoSec team on all security related matters that require security expert level input.
- 10+ years' experience in an InfoSec Architecture role with management of an architecture function desirable.
- Experience within the financial sector will be a considerable benefit.
- The ability to translate business requirements into secure solutions aligned with strategy and risk appetite.
- Past/proven experience managing staff resources would be a benefit
- Established background in Information Security Architecture
- Established background in Information Security Engineering and Engineering Architecture.
- Strong background and working knowledge of IT, Networking, and Security technologies and controls.
- Strong background and working knowledge of Application Security and secure software lifecycle standards and practices.
- Strong stakeholder management skills - the candidate must be able to take charge and provide clear direction.
- Deep knowledge of Windows and Linux operating systems and supporting infrastructure elements.
- Strong knowledge of new and emerging technology elements.
- The ability to interface across the organisation with other teams and managers of all levels.
- In-depth knowledge of cyber threat landscape, cyber-attacks, and counter-measures.
- In-depth knowledge of the regulatory/legal landscape regarding; InfoSec, Cyber, and Privacy matters within the FS sector
- Analytical, risk, and decision-making skills.
- Project management skills
- Excellent written and verbal communications skills.
- Excellent organisational skills.
- Must be able to work efficiently under pressure and prioritise workload appropriately
- Must be able to work efficiently alone or as part of a team
- Ability to adjust to changing priorities while multitasking effectively.
- Ability to articulate very complex security and privacy concepts to business users.
- Ability to communicate with clients and or other external stakeholders in a professional manner.
- Desirable security industry certifications include; CISSP, CISSP-ISSAP, CISSP-ISSEP, CCSP, CEH, CHFI, Togaf, Sabsa
- Vendor specific certifications also desirable.
For immediate consideration please send your CV to firstname.lastname@example.org