Join us as a Security Assessment Specialist
- In this key role, you’ll be working with the domain lead to define the product backlog and analyse a broad range of security information
- You’ll provide security architecture and technical consultancy to the projects and programme in the bank, including new proofs of concept which are onboarding the latest technologies, to large programmes fundamentally changing the way we do business
- It’s an opportunity to use your expertise and provide advice and guidance on the best course of action required to manage or solve any identified security risks
What you'll do
Working in our Security Architecture team, you’ll be completing security assessments, design reviews, consultancy engagements, evolving security policy and creating technical standards. You’ll analyse business requirements, technical solutions or processes to identify security related risks, and provide guidance on how they can be managed effectively through either technical or non-technical solutions.
You’ll also be assisting the wider bank in the rapid delivery of their desired business and customer outcomes, making sure that bank system health and security are maintained and improved where possible.
Additionally, you’ll be:
- Engaging with business and technology projects to identify security weaknesses in proposed systems or applications and developing appropriate solutions
- Using your broad knowledge in security specialisms, together with an appreciation of franchise and function strategies and objectives, to support the wider bank
- Participating in a culture of continuous improvement and collaborating with others, focusing on automation, virtualisation and scalability by incorporating security as early as possible
- Using your knowledge and experience of industry standards and best practice to influence senior stakeholders
- Working with colleagues and across service teams to create a collaborative resource model, flexing resources and building agility across teams to foster a culture of collaboration
- Delivering high quality services that address key areas of risk to meet the bank’s requirements
The skills you'll need
You’ll either have broad security experience or deep knowledge of a technical specialism, and you’ll also have experience in securing AWS, Azure, GCP, IAM, CI/CD pipelines, applications and other related technologies.
You’ll also need:
- In-depth IT and information security knowledge and experience, with an understanding of cloud computing technologies such as AWS, Azure and Google
- The ability to think strategically and demonstrate an appreciation of strategic alignment between security and the business domain
- A range of knowledge of industry standards and best practice, including ISF Standard of Good Practice (SOGP)
- Excellent communication, stakeholder management and interpersonal skills
- An understanding of change management processes and Agile methodologies