My Dublin Based client is looking for a Principal Security Architect working with the Head of Security Strategy & Architecture.
Group Technology & Customer Solutions (GTCS) comprises of Group IT & Procurement, Group Change, Group Portfolio Office, Group Payments, Business Continuity and GTCS Risk Management, Group Data Office, Group Information Security, GTCS Strategy & Transformation and Enterprise Transformation Office (ETO).
Description of business unit
Group Information Security (GIS) is a diverse, collaborative team with multiple skillsets. With global cyber threats constantly evolving, the team is critical to protecting one of the Group\’s most important and valuable assets: Information.
GIS not only protect the security of the Company but also enable colleagues to develop secure ways of working and to make secure choices both in and outside of the office.
They do this through a variety of activities, including:
- using technology to monitor existing and emerging cyber threats
- detecting and preventing cyber attacks
- engaging with business units to guide them in their decision making (for example when introducing new products, services and vendors to the Group)
- explaining information security in simple terms
- interacting with colleagues to raise the bar on security awareness so that it is at the forefront of everyone\’s mind.
All underpinned by guidelines, standards, policies and security controls crafted to help protect employee and customer information – and a passion to keep our colleagues, communities and customers safe.
Purpose of the Role
Working with the Head of Security Strategy & Architecture, the Lead Security Architect will own, develop and mature the security architecture framework and ensure it is effectively embedded within the Group`s change and delivery methods. They will also run the demand pipeline into the team and lead all aspects of the engagements and work of a skilled team of security architects, who are working on the security architecture and design elements of a diverse range of change initiatives within the Group. They will also be required to act as an advocate for security architecture and provide architectural leadership, collaborating with other senior architecture leads across the Group to do so. The role holder will be key to our ambition to embed security by design effectively within the organisation successfully, in support of our business goals.
- Own and lead the security architecture framework and ensure it operates optimally. Drive incremental maturity of associated processes and artefacts and implement ways to measure effectiveness.
- Take main responsibility for maturing the security architecture capability of the Group, and play a supporting role for maturing other key security domains
- Provide architectural leadership for Information Security across the architectural community within the Group
- Contribute to the creation of various target architectures and to the subsequent project planning and execution to achieve these targets
- Build and maintain required security patterns and a security reference architecture
- Lead the development and execution of architecture and engineering strategies to continuously improve our security posture as the threat landscape evolves
- Partner with business partners and technical teams to craft, integrate, test, and deploy security solutions. This includes system-level architecture and design, risk assessments, and definition of technical security controls vital to achieve security requirements
- Provide thought leadership on Cyber and Cyber Risk, and contribute to the review and development of the cyber strategy
- Provide leadership to a team of architects, designers and engineers
- Oversee the demand pipeline of requests for security architecture engagement, and capacity within the team
What is the opportunity?
This is an opportunity to play a senior and key role in the evolution of security architecture within the company. We\’re serious about security by design, and we\’re looking for someone to join us to drive this agenda over the coming years, and to act as a champion for change and transformation.
- 3rd level degree in a computing or other technical discipline, or equivalent experience.
- SABSA SCF, TOGAF or other relevant architecture qualification.
Essential Skills & Experience
- Network architecture, Cloud security architecture. Demonstrable experience in leading the Security Architecture & Design agenda in large organisations, preferably within the financial services industry.
- Demonstrable management experience and ability to lead technical teams.
- Proven competency in critical thinking and leadership.
- Ability to work in a dynamic, fast paced environment with limited direction and change oriented where the individual actively defines process improvements, champions and inspires change initiatives, confronts difficult circumstances in creative ways, balances multiple competing priorities and executes accordingly.
Desirable Qualifications, Skills & Experience
SANS or any other equivalent security certifications. Networking certifications (e.g. CCNA) would also be desirable but not essential. CRISC, CISM, CCSP, CCSK. AWS Certified Solutions Architect (or Azure equivalent). Application Security – architecture, development, secure coding practices. Experience with software development methodologies such as waterfall, Agile, DevSecOps. NIST CSF, IRAM2, Threat Modelling.
Competency 1: Champion Transformation – 3. Leader
Competency 2: Agile – 3. Leader
Competency 3: One Group, one team – 3. Leader
Competency 4: Accountable – 3. Leader
Competency 5: Manage Risk – 3. Leader