Senior Security Architect
Sorry, looks like this job is no longer open 😔
Check out other job openings on our job board!
View moreHalian Technology Limited
Job details
Aleadingfintechclientofminewithinthefintechspaceislookingforan EnterpriseSecurityArchitect ,developingacomprehensivesecuritystrategyisacoreresponsibility.Thisstrategyshouldalignwithbusinessobjectiveswhileensuringresilienceagainstevolvingcyberthreats. Responsibilities&TheRole: SecurityStrategy&Roadmap Definethelong-termsecuritystrategy,aligningitwithbusinessgoals,ITstrategy,andregulatoryrequirements. Developamulti-yearsecurityroadmapthatincludesinvestmentsincybersecuritytechnologies,processes,andcapabilities. SecurityArchitectureFramework Establishanenterprisesecurityarchitectureframework(e.g., SABSA,TOGAF,ZeroTrust ). Definesecurityreferencearchitecturesfornetworksecurity,cloudsecurity,applicationsecurity,andendpointsecurity. ImplementZeroTrustArchitecture(ZTA)principles,includingidentity-centricsecurity,leastprivilegeaccess,andcontinuousverification. ConductcyberriskassessmentstoidentifyvulnerabilitiesandassessrisksusingmethodologieslikeNISTRiskManagementFramework(RMF),FAIRModel,orISO27005. SecurityGovernance&Compliance Developsecuritypolicies,standards,andguidelinesthatenforceregulatorycompliance(e.g., ISO27001,NIST,GDPR,PCIDSS,SOC2 ). Establishgovernancestructures,includingSecuritySteeringCommitteestooverseecybersecurityprograms. Ensureauditreadinessandfacilitatesecurityauditsandcertifications. EmbedsecurityintoEnterpriseArchitecture(EA)byworkingwithIT,DevOps,andengineeringteams. Developsecure-by-designprinciplesthatintegratesecurityincloud,application,andinfrastructuredesigns. PromoteDevSecOpstoshiftsecurityleftinthesoftwaredevelopmentlifecycle(SDLC). ThreatIntelligence&CyberResilience ImplementaThreatIntelligenceProgramtoproactivelyidentifyemergingcyberthreatsandattacktrends. EstablishaCyberResilienceStrategy,includingbusinesscontinuity(BCP)anddisasterrecovery(DR)planning. SecurityAwareness&Culture Fosterasecurity-firstculturebydevelopingawarenessprogramsandsecuritytrainingforemployees,developers,andleadership. Conductphishingsimulations,securecodingtraining,andexecutive-levelcybersecuritybriefings. ContinuousImprovement&SecurityMetrics DefineKeyPerformanceIndicators(KPIs)andKeyRiskIndicators(KRIs)tomeasuresecurityeffectiveness. LeveragesecurityautomationandAI-drivenanalyticstoenhancethreatdetectionandresponse. Musthave/Nicetohave : Theabilitytobehandson Ideallyyouwillbefamiliarwithworkingonprojectsfromscratch,takingonresponsibilityfromthestart Theidealcandidatewouldhaveworkedforsmalltomediumsizebusinessesatsomepointorbecomfortablemakingkeydecisionsandbeingaccountableforthestrategyofdecisionsmade. Thereisa2-3stageinterviewprocesswith3daysaweekexpectedonmyclientssiteinLondon. Applynowtobeconsidered. ADZN1_UKTJ