Security Solutions Architect
Job type: Long term
Key Technology Experience: Security Architect experience in a banking or financial sector, Kubernetes, Docker, Containers, HCI, DevOps,
What is the purpose of this Role?
The Security Solutions Architect role holder will be assigned to one or more major technology change programmes and within each will be responsible for:
- Leading the design and development of the Solutions Architecture that meets the security and resilience objectives defined by the bank’s IT strategy and by the programme
- Ensuring that the delivered applications, components, services and infrastructure are designed to meet the secure and resilience standards required to meet the bank’s operational controls Secure and Resilient Solutions are designed and implemented
- Engaging early with relevant solutions, operations and infrastructure teams to ensure ‘security-by-design’ is embedded within the Technical Infrastructure and Operational design.
- Designing and Developing Enterprise Security Architectures that provide effective Cyber Security defenses for the bank.
- Delivering on the promise of a “Everything as a Service“ philosophy through the provision of enduring security technology design, infrastructure roadmaps and alignment with the bank’s target state Secure and Resilient Architecture standards
- Working with and contributing to the IT Architecture Community of practice in the Bank, who are tasked with the definition of the Bank’s future IT architecture and strategy, ensuring alignment across all technology domains and providing ongoing support and guidance to the delivery teams, to achieve the business strategy.
The Security Solutions Architect will guide, develop and monitor the end to end low level design of the end-to-end solution designs, to ensure they meet the bank’s security and resilience standards. You will support the individual development teams (in-house and 3rd party) to ensure they align to the bank’s standards. This will be done through relevant solution or code reviews to ensure application of industry best practices, alignment to solution blueprints, security and compliance obligations, in line with the bank’s security policies. The role will produce and maintain a repository of all design artefacts and associated technology roadmap updates.
The role will be based in Dublin but there will be a requirement for travel to Cork from time to time (generally about 20% of the time). The role and associated responsibilities may change at a future date in response to business or operational requirements.
- Gather and analyse requirements from product owners, ITSG security policies and relevant security architecture standards leading to a clearly documented set of functional and non-functional security requirements.
- Develop a security architecture, leveraging or evolving existing capabilities, to ensure the relevant change programmes align to the bank’s risk and compliance obligations (to maintain secure and resilient services) and align to achievement of the bank’s target state architecture
- Provide technical and architectural oversight for systems and projects that are required to be reliable, scalable, highly available, and maintainable.
- You will ensure the solution design decisions are presented to the relevant design review boards for assessment, approval and/or identifying future remedial work as may be required from time to time
- Assist with the delivery and maintenance of the Bank’s future IT security architecture and strategy, ensuring alignment and support for the achievement of business goals.
- Gaining an understanding of our Current State and Target State Architecture and ensure alignment is maintained with the bank’s technical direction around security for existing and future platforms.
- Lead and mentor other team members within the programme, providing guidance and support as required to maintain the solutions delivered to the set of security requirements defined for the programme
- Foster development best practices within the solutions delivery teams, with particular focus toward building security by design
- Facilitate communication with cross-functional groups to ensure common language and understanding of the scope of secure and resilient requirements
- Work with technical and business stakeholders to develop secure business requirements, develop the security architecture which align with our longer-term platform strategy.
- Ensure review and signoff of solution level security architecture with the Information Security team on reviews and conformance to security standards.
- Work directly with project development teams to enable successful project implementation applying the recommended security tools, technologies and techniques. Provide expertise to project team engineers as needed.
- Stay up to date on new tools & techniques in Information Security.
- Conduct proof of concept activities with key business users in support of advanced use cases
Business & Customer
- Contribute to the IT Leadership Team and support colleagues in the delivery of the Team and Company objectives.
- Contribute to management reviews and actively support strategic decision making in IT and the Company.
- Maintain ongoing communication with the business to ensure supply and demand issues are identified and aligned with the needs of the business.
- Support the business in the review and development of new initiatives and opportunities and lead the delivery when required.
- Represent Group Technology on steering, working groups and focus groups as appropriate.
Risk & Control
- Progress programme solutions through the necessary IT security governance reviews and architecture designs reviews and follow the agreed architecture governance process
- Ensure that Risks are identified, logged and managed in a proactive manner and all work practices and processes are fully compliant with Company policies and its Regulatory requirements.
- Implement and govern best practice infrastructure deployment, release procedures and standards to deliver secure and resilient solutions
Technical Competences for your Role - what you are expected to knowExpertise
- Proven track record for end to end solution design incorporating planning, designing, governing and executing significant enterprise IT technology projects with the ability to manage multiple initiatives simultaneously with minimal supervision
- Deep technical knowledge of Identity related technologies, use of Cryptography and cryptographic protocols and current relevant technologies in this area e.g. OAUTH2, SAML, etc.
- Strong knowledge of network and information security and access control technologies.
- Significant systems integration experience across disparate technology stacks.
- A demonstrable focus on automation first when designing deployments.
- Experience in one or more of the following enterprise banking solutions:
- Core banking applications
- Payments and messaging system
- Ancillary banking applications, including (among others): Data Warehouse and Business Intelligence, Fraud systems, General Ledger, Regulatory and MI reporting, Document production; Content Management, etc.
- Banking integration standards, including PSD2, BIAN, Open Banking, SEPA, etc.
- A knowledge of digital banking solutions, e.g. web/mobile channel integration will be an advantage
- Digital Business Transformation
- Project delivery via Waterfall or Agile methodologies
- Strong communication and influencing skills
- Certification across relevant technology domains would be advantageous, e.g. Agile methodologies, SABSA, CISSP
- Minimum 5 years’ experience in an IT Security related role.
- Demonstrable track record of delivering multiple con-current infrastructure projects to time, cost and quality commitments.
Further Expected Knowledge & Skills
- Commercial /Vendor management/Market Acumen - knowledge of IT trends and innovations that are occurring in the market-place.
- Strong skills in creating robust designs that are secure, resilient, flexible and scalable.
- Highly efficient in communicating design principles and supporting their design constructs.
- Customer Focus- understanding the importance of delivering modern customer focused solutions.
- Influencing and negotiation skills.
- Demonstrating flexibility in delivering on business priorities.
- Strong stakeholder management skills and ability to manage internal and external relationships
- Excellent written and verbal communication skills and proficiency in Word, Excel, Visio, PowerPoint.
- A 3rd level qualification in an appropriate discipline or appropriate experience level.
Candidates must be eligible to work in Ireland or currently hold a Stamp 4 Visa to apply.
If you are interested in applying for this role, please do so via the relevant link. If you would like to discuss this role in confidence, please contact Chris Byrne in itContracting directly.
Evros / itContracting is an equal opportunity employer who seeks to recruit and appoint the best available person for a job regardless of marital / civil partnership status, sex (including pregnancy), age, religion, belief, race, nationality and ethnic or national origin, colour, sexual orientation or disability. Evros / itContracting apply all relevant Data Protection laws when processing your Personal Data.