You will be joining the Security Architecture department within the CISO Office in charge of putting in place the required controls to adequately and effectively protect our information assets.
The main responsibility of the team is establish and promote security best practices to help business and IT achieving their ambitions. This includes building vision and strategy, ensuring best practices are known and implemented in a standard way and providing security principles and reference architecture.
Enterprise Security Architect leverage their expertise to establish and promote security best practices.
As member of the enterprise security architect team
You will a leading role identifying the vision and strategies required to support the long-term objectives of infrastructure security.
You will develop business cases for major evolutions of our IT capabilities and you syndicate a wide range of senior stakeholders within business and IT. This includes maintaining the architectural requirements.
You will lead the development and drive the implementation of ensuring a secure integration of our partners in an environment where supply chain attacks is a growing threat.
The design of the security best practices including architecture principles, tools, patterns and develop architecture policies, standards and solutions.
Provide guidance and be a facilitator to ensure that standard security best practices are applied consistently and in a meaningful way.
Share their experience and vision to build security awareness with business stakeholders, IT and operational teams. Become the go-to person for infrastructure security.
Collect feedback from stakeholders, detect unaddressed security needs and identify opportunities for collaboration.
To develop concrete architecture deliverables
To develop, maintain and share security best practices on infrastructure security.
To work in close collaboration with Domain Architect, Security team, Technology Managers, Enterprise Architecture Team to build security standard and solutions.
To raise awareness of security issues
You have worked for more than 7 years in the IT industry and have proven experience working with senior management. Experience in the Financial Services industry and understanding of the complex regulatory environment is a plus.
You have experience in enterprise patterns that promote infrastructure security.
You have provided assistance to governance function to ensure good infrastructure quality practices are considered in all new designs.
You have working knowledge of every part of security: protection, detection and remediation.
You have experience in creating actionable strategies and setting up a small team to deliver it (implementation paths, with clear outcomes and continuous measurement of progress).
You can tackle autonomously all types of architectural analysis and can provide global & pragmatic recommendations adapted to the company context with little guidance.
Being proficient in English is required.
Knowledge of post-trade market infrastructures (e.g. CSD), knowledge of Enterprise Architecture frameworks (e.g. Togaf,Safe) and relevant experience with Agile operating models and frameworks are extra assets.
Complimentary Experience & Competences
Knowledge of security standards, security systems and authentication protocols
Knowledge of risk management framework & risk assessment procedures
Knowledge of cloud solutions & cloud security.
Solid understanding of public cloud environment and shared responsibility model
Certification in Cyber-Security such as Sans, CISSP, CISM, CRISC, ...