London, United Kingdom
Working across cross-functional agile engineering teams, the architect will be responsible for setting the software security standards for the products/platform across the whole of the group.
The architect will work closely with technical teams and construct a gap analysis of current security standards and a plan to move to a consistent engineering-based approach group-wide.
The architect will work closely with technical leaders to help build KPIs and other metrics to aid decisions on prioritisation for managing technical debt.
The architect will mentor other engineers/architects and be pro-active and a strong voice in the team.
The architect will be part of a team that are building market leading products that are secure, performant and scalable, using the latest technologies that are aligned with company vision and standards.
Design and Implementation
- Design security standards and best practices aligned with overall business and technology strategy
- Design security architecture elements to prevent and mitigate threats as they emerge.
- Work with Architects/Operations to review and design solutions that balance business requirements with information and cyber security requirements
- Work with Architects/Operations/Scrum Masters to build roadmaps on how to deliver in an agile manner
- Review of code for architecturally significant areas
- Be involved in maintaining the KPIs/metrics around security standards for the products
- Liaise with the Operations/Scrum Masters to coordinate regular penetration and vulnerability tests
Planning, Organizing & Delivery
- Ensure security roadmaps are always current and up to date
- Ensure security KPIs/metrics are always current and up to date
- Manage a training plan for teams
Initiative, Innovation & Change
- Identify and communicate current and emerging security threats
- Continuously look for ways to improve effectiveness and productivity and provide innovative solutions to difficult problems
- Knowledge sharing of technology/trends to teams
- Agile Teams
- Wider Architecture group
- Service Operations
- Degree in computer science, software engineering or cyber security would be advantageous
- Experience in improving toolchain security, particularly through automated end-to-end pipeline delivery
- Experience of setting and enforcing code quality standards
- Experience of implementing at least one secure SDLC methodology
- Understanding of REST APIs
- Understanding of Web Architecture
- Expertise in Identity and access management (IAM) frameworks
- Experience of presenting and training various people in an organisation security standards and best practices
- Ability to explain complex concepts to diverse audiences
- Experience of Agile methodologies
- Amazon Web Services experience
- Experience in conducting ethical hacking and penetration testing
- Experience of security for mobile applications (phone, tablet)
- Active in the White Hat and/or bug bounty community
- Certified in recognised industry security qualification:
- Certified Information Systems Security Professional (CISSP)
- Information Systems Security Architecture Professional (ISSAP)
- Collaborative – Working with various discipline to achieve goal
- Exceptional communication skills with diverse. As Security subject matter expert, explain technical topics to those without a technical background
- Passionate about subject
What's in it for you?
- We believe in creating a culture of engagement and reward to develop employee potential and offer long-term career success. So what can we offer you?
- Generous holiday allowance
- Private medical healthcare
- Life assurance
- Competitive pay and bonus scheme
- Complimentary benefits, including Bike to Work, Childcare Vouchers and discount schemes