Information Security Architect - AppSec Architecture - Banking
Posted Today by Rothstein Recruitment
Negotiable
London Area, United Kingdom
Summary: This role is for an Application Security Architect at a Challenger Bank, focusing on enhancing security during a significant digital transformation. The position involves leading risk assessments, managing risks, providing advisory services, and building relationships with stakeholders within the application development team. The architect will influence the security posture of critical banking systems while collaborating with various teams. The ideal candidate should have practical experience in application security and a solid understanding of technology change initiatives.
Key Responsibilities:
- Lead risk & control assessments covering supplier due diligence, privacy impact assessments, and project security.
- Support the workstream in identifying and articulating risks, documenting mitigating controls, and ensuring timely actions.
- Provide specialist advice on Information Security best practices and UK regulatory requirements.
- Develop deep knowledge of the Bank's secure change processes and shepherd the workstream through assessments.
- Build trust-based relationships with key stakeholders within the delivery team.
Key Skills:
- Solid experience in integrating application security controls into CI/CD pipelines.
- Understanding of cloud security, microservices, and modern architecture.
- Good understanding of core privacy concepts related to technology change initiatives.
- Experience in supporting technology change initiatives securely.
- Experience in undertaking security assessments of complex systems and platforms.
Salary (Rate): undetermined
City: London Area
Country: United Kingdom
Working Arrangements: undetermined
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
This is an excellent opportunity for an Application Security Architect to work with a Challenger Bank during their massive digital transformation. This is a chance to act as the security lead in an application development delivery team working across a complex hybrid tech stack. Operating with independence, you will be in a critical position to influence the security posture of critical Bank systems while collaborating closely with engineers, product managers, and business stakeholders.
Responsibilities
- Risk and Control Assessments - You will lead risk & control assessments using the Bank's defined processes, covering supplier due diligence, privacy impact assessments and project security.
- Risk Management - You will support your workstream to identify and articulate risks, steering them towards appropriate treatment plans, documenting mitigating controls and ensuring these are actioned within agreed timeframes. You will operate in line with the Bank's Risk Management framework (including sub-frameworks) and relevant risk and compliance policies and procedures, ensuring appropriate and timely escalation of any concerns to your line manager.
- Advisory - You will provide specialist advice and interpretation of Information Security best practice and UK regulatory requirements to a range of different stakeholders as new products, processes and systems are developed. You will need to be aware of your own knowledge gaps and when & where to seek specialist input to solve a particular problem or query.
- Subject Matter Expertise - You will develop a deep knowledge of the Bank's secure change processes and procedures, shepherding your workstream through various assessments and approval gates.
- Relationship Management - You will build deep, trust-based relationships with key stakeholders within your delivery team such as developers, testers, product managers, delivery leads and tech leads. You will be an active member of the delivery team, attending daily stand-ups, PI planning sessions and working groups.
Ideal Candidate
- Application Security - Solid, practical and demonstrable experience of integrating application security controls (technical and non-technical aspects), covering SDLC and secure coding practices, into CI/CD pipelines. Understanding of cloud security, microservices and modern architecture.
- Privacy - You don't need to be a privacy expert but you will require a good understanding of core privacy concepts and how these apply to technology change initiatives.
- Technology Change - Demonstrable experience of supporting technology change initiatives to deliver solutions securely.
- Risk and Control Assessments - Although your primary focus will be SDLC and secure coding practices, you'll also need experience of undertaking security assessments of complex systems and platforms.
Interested? Please Apply!