Security Architect

Expiring today

Schroders Investment Management
London, United Kingdom
14 Jul 2022
13 Aug 2022
Job Function
Industry Sector
Finance - General
Employment Type
Full Time
The team
The Information Security team at Schroders provide thought leadership on managing the information security threats and vulnerabilities to Schroders information assets and is the centre of excellence for advice and coordination. The team is comprises of various SME's in Technology Risk, Cybersecurity, Insider Security including Access and User Behaviour Management, Security Architecture and Information Risk.

What you'll do
The Security Architect, with a broad cybersecurity plus systems, network, cloud and architecture knowledge and experience, will provide overall direction, lifecycle management and leadership for security architecture and technology.

The individual will perform a lead role in various critical initiatives through the identification, analysis, evaluation, lifecycle management and adoption of security architectures and technologies.

The Security Architect will work closely with other security functions and will provide guidance to ensure that there is coordination with their activities in technology choices.

In addition, the Security Architect will be involved with education and mentorship, supporting the delivery framework, development of technical architecture documentation, and advanced research topics.

Key responsibilities includes:
• Leading and contributing to the security posture of Schroders networks and systems, data centre infrastructures, cloud architectures and solutions.
• Developing, contributing and management of security architecture specifications, security architecture analysis, threat-modelling, security requirements, security standards and design patterns, reference architectures, security strategies and roadmaps.
• Applying security design principles to develop security architectures.
• Providing strategic points of view for security solutions and security industry events
• Developing and/or carrying out the strategic direction of security projects to enable execution of the information security strategy.
• Developing security solutions to enable execution of the long-term security architecture.
• Driving security technology evaluations and proof-of-concepts.
• Building strong cross-organizational relationships and effectively influencing staff across the IT organization and product teams.
• Managing lifecycle of security technologies.
• Working closely with the other technology architects to ensure that security is properly embedded in their technology domain architectures.
• Assisting other architects in peer reviews.
• Evaluating and assessing risk as part of application and system lifecycle management.
• Staying current with security technologies and making recommendations for use, based on business value.
• Advising leadership on Cybersecurity issues, systems, processes, products, and services.
• Maintaining oversight of the design and implementation of IT/business systems to ensure appropriate and effective security controls are included.
• Serving as a Cybersecurity expert to contribute to the definition of overall IT architecture.

What you will need:
• Significant practical cybersecurity architecture and design experience in networks, data centre systems, cloud infrastructure and platforms (IaaS security, PaaS security).
• Strong experience in threat-modelling of complex systems.
• Experience in delivering comprehensive architecture specifications for security solutions.
• Experience with creating technical documentation:
o product documentation,
o technology and systems/network architecture,
o technical security standards.
• Strong working experience with security technologies, such as Firewalls, Intrusion Detection/Prevention Systems, Vulnerability Scanning, WAF, Wireless LAN, NAC, DLP, DDoS Mitigation, WAN security, SIEM, Content Filtering, Cloud Security gateways, Secure Proxies, and Crypto solutions.
• Strong hands on cloud architecture, with knowledge and working experience in: Azure & AWS services.
• Strong expertise and experience with Linux and Linux security
• Solid understanding of and ability to speak authoritatively to security principles in areas such as network, systems, virtualization, cloud technologies, access control, and cryptography.
• Proven ability to troubleshoot and resolve complex technical issues at Expert level.
• Experience integrating multiple vendor products.
• Preferred certifications may include: CISSP, SABSA, TOGAF, Aglie (SAFe), GIAC DSA
• Hands-on experience and strong understanding of technology and enterprise security
• Solid understanding of compliance, regulatory and legal requirements relevant to Financial industry such as MAS, CSSF, FCA etc.
• Understanding of relevant Industry Principles, Best Practices, and Standards, such as NIST, ISO, CIS, OWASP, MITRE, CSA-CCM etc.
• Ability to function as an individual contributor and mentor/leader detached from the corporate environment.
• Programming/coding and DevOps experience is a plus (Python, Ansible, Terraform)
• Experience with application security technologies like SAST, DAST, RASP, etc is a plus.

What you'll be like
• Strong stakeholder engagement skills with the talent to connect and communicate across all levels across the Firm.
• Comfortable working across technology teams to identify, assess, track and close down regional risks.
• Passionate about developing a career in Information Security
• Prior experience working in a large organisation or financial services is an advantage

We're looking for the best, whoever they are
Schroders is an equal opportunities employer. You're welcome here whatever your socio-economic background, race, sex, gender identity, sexual orientation, religious belief, age or disability.

Similar jobs

Similar jobs