Security Architect - Cloud. London

Excellent opprtunity to join a global fintech organsiation in a greenfield role.

Responsibilities

Supporting our security, engineering, operational and risk management functions in maintaining a good security posture, the responsibilities for this role include, but are not limited to, the following:

• Review and analysis of proposed technical solutions to identify appropriate security controls and subsequent review of the control implementations.
• Experience working with "Big Data" processing including environment and deployment models, ingest data pipelines, security, and infrastructure
• Interpretation of security requirements for the translation in to technical and procedural security controls.
• Provision of input and guidance on security related technical architecture and product design decisions.
• Threat modelling of applications, services and processes.
• Participation in security incident post-mortems and forensic reviews.
• Review of third-party technical security controls in relation to the interfacing with our systems.
• Evaluation and piloting of 3rd party security related products and services.
• Participation in the creation, maintenance and implementation of security policies and standards.
• Liaise and collaborate with key stakeholders in relation to IT security threats
• Keep abreast with the latest regulations and compliance requirements
• Champion and educate the organisation on the latest security strategies and technologies
• Protect the intellectual property of the organisation at all times
• Devise strategies and implement IT solutions to minimise the risk of cyber-attacks
• Contribute towards ISO and other relevant accreditation
• Maintain up to date knowledge and an awareness of security trends, keeping abreast of new risks, through self-education and attendance to industry seminars, to ensure ongoing security risk analysis and the implementation of technical systems and procedures to minimise risk
• Liaise with clients and potential clients to confidently articulate and demonstrate our security capabilities

Knowledge & Experience

• You will be expected to hit the ground running in a fast-paced environment with a growing workload, and have a high enough skill set to solve problems and find solutions with minimal hand holding
• Highly experienced in a technical information/cyber security role or roles.
• A practical knowledge of the OWASP Top 10 and relevant technical mitigations.
• A pragmatic and hands-on approach to information security and risk management.
• Strong networking and associated protocol knowledge.
• Working knowledge of mobile (iOS and Android) application, network and operating system security controls.
• Experience of performing security architecture and design reviews.
• Strong technical understanding of preventative and detective application and infrastructure security controls and their implementation.
• Practical knowledge of public cloud (IaaS) technologies including relevant security and IAM controls.
• The ability to work independently and autonomously as well as collaboratively within the security team and alongside other internal functions and external third parties.
• Excellent verbal and written communication skills.
• Extensive proven IT security experience in a regulated sector
• You will be an existing participant and regular attendee of technical/security industry events

• Excellent knowledge of general security risks, at both technical and business level

Qualifications

• CISM/CISA/CISSP/Security+/etc
• Bachelor's degree (BSc) in an I.T. or similar discipline, or equivalent level of experience is desirable