Description
Security Architect required for a global bank. The role will be centred on the secure migration of SaaS systems.
Strategic
- Work closely with Enterprise Architecture in the effective delivery of solutions
- High-level knowledge of all key areas of Information Security Technology and an ability to apply them appropriately
- Work with other Security Architects to build security into infrastructure and architecture designs
- Provide direction and advice on projects related to security portfolio to strengthen the overall cybersecurity posture
- Assess SaaS and IaaS cloud services and virtualization technologies and provide direction and input for the maturation of the Cloud Security Framework where necessary
- Foster relationships with key functional teams such as IT, Compliance, Operations, Finance, HR, Internal Audit, and Enterprise Risk to support current and future initiatives
- Keep informed of new and updated industry frameworks and regulations: GDPR, ISO , SANS Top 20 Critical Security Controls, NIST CSF, SP 800-53, PFMI, CPMI ISOCO and FFIEC handbook, SABSA
- Keep informed of new and emerging security threats & assess the effectiveness of current controls to identify opportunities for program improvement
Operational
- Engage with stakeholders across the organisation to develop relationships and the brand of Security Architecture
- Interface with program and project managers to ensure appropriate security architecture engagement as necessary
- Develop a strong interlock with the other security functions to support the transition of projects into operation with effective governance
- Ensure appropriate quality of security architecture artefacts, engagement and managing escalations should they arise
- Ensure appropriate interlock and attestation against security controls where appropriate
- Maintain engagement with Security Engineering and Operations for the management of vulnerabilities, risks and remediation methods
- Ability to take initiative, self-motivated to work independently to deliver against project requirements
- Assure compliance with security controls to identify control gaps, develop remediation plans and determine residual risk
- Lead by example in the engagement of Security Architecture of projects across the enterprise
As an ideal candidate, you will have an industry certification such as CISSP/CISM/CRISC and SABSA/TOGAF and have expert knowledge of Information Security Architecture. You will also have a proven track record of delivery in a similar role. Experience in Financial Services is highly advantageous.