Join us as a Security Assessment Lead Specialist
- In this key role, you’ll be working with the domain lead to define the product backlog and analyse a broad range of security information
- You’ll provide security architecture and technical consultancy to the projects and programmes in the bank, including new proofs of concept which are onboarding the latest technologies, to large programmes fundamentally changing the way we do business
- We’ll look to you to provide advice and guidance on the best course of action required to manage or solve any identified security risks, and represent security in business led forums to achieve effective security governance
What you'll do
Working in our Security Architecture team, you’ll be completing security assessments, design reviews, consultancy engagements, evolving security policy and creating technical standards. You’ll analyse business requirements, technical solutions or processes to identify security related risks, and provide guidance on how they can be managed effectively through either technical or non-technical solutions.
You’ll also be assisting the wider bank in the rapid delivery of their desired business and customer outcomes, making sure that bank system health and security are maintained and improved where possible.
Additionally, you’ll be:
- Engaging with business and technology projects to identify security weaknesses in proposed systems or applications and developing appropriate solutions
- Using a broad knowledge in security specialisms, together with an appreciation of franchise and function strategies and objectives, to support the wider bank
- Participating in a culture of continuous improvement and collaborating with others, focusing on automation, virtualisation and scalability by incorporating security as early as possible
- Using knowledge and experience of industry standards and best practice to influence senior stakeholders
- Using your knowledge and experience to support and mentor less experienced colleagues in Security Architecture
- Supporting the Assessment Manager in the day-to-day management of the team, and deputising where necessary
The skills you'll need
You’ll either have broad security experience or deep knowledge of a technical specialism, and you’ll also have experience in securing AWS, Azure, GCP, IAM and CI/CD pipelines, applications and other related technologies.
You’ll also need:
- In-depth IT and information security knowledge and experience, with an understanding of cloud computing technologies such as AWS, Azure and Google
- The ability to think strategically and demonstrate an appreciation of strategic alignment between security and the business domain
- A range of knowledge of industry standards and best practice, including ISF Standard of Good Practice (SOGP)
- Strong communication, stakeholder management and interpersonal skills
- An understanding of change management processes and Agile methodologies