Senior Lead - Security Architect

Job Purpose

The Security Lead is responsible for ensuring that our systems are secure by design. You have a strong vision for the department and promote the best organizational patterns and practices. You tackle high-level challenges and balances quality with speed. 

Accountabilities

The Security Architect Lead will provide leadership and oversight by setting the direction, strategy, deliverables and operating models for the architectural security.  You will ensure that we have in place the appropriate toolkit, technologies and processes in place to ensure your systems operate and are designed to operate in compliance with the very highest security standards and requirements.

Responsibilities include:

• Involved in the security design of the system, products and protocols to ensure that we are always leading the way in security. You will act as a thought leader to ensure we stay ahead of the competitive and industry trends.
• Work alongside BSF control groups to stay abreast of internal and external requirements and ensure adherence
• Perform regular and thorough assessments and analysis on new and existing systems
• Embed the use of automated testing tools and processes, standardized frameworks and standards to enhance the agility and effectiveness of the security services

As the Security Architecture Lead, you will need to work collaboratively in an agile environment in order to excel and have a track record in leadership.  Ideally, you will possess:

• Demonstrable hands-on experience with modern DevSecOps practices and standards (5+ years), delivering secure products. Experience with Kubernetes.
• Knowledge and working experience with OWASP
• Experience of security governance and compliance (e.g., GDPR, PCI-DSS, ISO27001)
• Strong understanding of the penetration testing lifecycle (scope, conduct, analysis, client delivery)
• Experience of one or more major Cloud providers (AWS, Azure, Google, etc.) and cloud security
• Ability to work with regulators to meet the requirements and standards in the most practical and pragmatic way possible.
• A preference for working within the delivery team on applied security (not within a security ‘silo’).
• Experience working with the banking industry
• Hands on experience of Security Development lifecycles and their application in an agile environment
• Use of AST Tools
• Highly customer-centric with a passion to deliver a best-in-class customer experience
• Exceptional communication skills – both written and oral
• High levels of personal and professional integrity
• An entrepreneurial approach with an ability to operate both at a strategic level and to be hands on
• A positive, self-sufficient leader with excellent communication skills, intellect and energy
• Very sound judgment and business instinct with a desire to challenge traditional thinking
• Ability to admit when you are wrong and learn from it – ready to share news, no matter how bad you think it is
• Ability to encourage followership, motivate and develop a diverse group of people towards a challenging goal
• Determined to succeed, high energy with humility and a strong personal drive
• A collaborative working style.
• A very strong work ethic and a focus on customer delivery.