Information Security Architect
The Information Security team at Schroders provide thought leadership on managing the information security threats and vulnerabilities to Schroders information assets and is the centre of excellence for advice and coordination. The team is comprises of various SME's in Technology Risk, Cybersecurity, Insider Security including Access and User Behaviour Management, Security Architecture and Information Risk. What you'll do
What you'll need
- As the Security Architect at Schroders, you will need to have strong technical security expertise to conduct security design reviews and risk analysis, to identify potential security weaknesses in the design, implementation and operation of infrastructure and applications.
- You'll work closely with numerous teams across application delivery and infrastructure functions including networks, platforms and end user computing, to define security requirements that contribute to the secure design and implementation of solution, in additional to providing technical security expertise in support of audit related activities.
- You'll provide consult across the broad spectrum of information security domains, including Cloud and emerging technologies while appreciating the wider global regulatory and cyber threat landscape is essential.
- Provide guidance to technology and business stakeholders on internal and external audit processes, representing the APAC Technology & Change practices and processes to auditors and ensuring effective appropriate risk reporting practices are followed and controls in place.
- Provide BAU support for information security services required by stakeholders including but not limited to local admin access, USB access, web URL checks, email quarantine release
- Participate enthusiastically and effectively in Agile ceremonies with information security, business stakeholders and delivery teams, contributing to planning and resourcing.
- Champion information security and raise awareness about its role, objectives and initiatives.
What you'll be like
- At least 6 - 9 years of demonstrable experience on information security architect or related
- Strong knowledge of security architecture principles, applicable to perimeter defences, emerging threats, DDoS, secure configuration of hardware and software, vulnerability management, malware defences, event log management, access controls, data loss prevention, incident response, penetration testing, cryptography, application security within the SDLC, agile, secdevops and cloud security
- Experience managing the implementation of regional and global information security projects, initiatives and operational processes in concert with the relevant stakeholders and teams.
- Experience supporting businesses on impact assessments, security administration, third party due diligence, penetration tests, vulnerability assessments, and security monitoring
- Ability to present complex solutions and methods to a less technical audience; providing technical and non-technical thought-leadership and education of stakeholders
- Strong analytical skills and the ability to resolve complex security vulnerabilities and design compensating controls
- Ability to rapidly find, assimilate and correlate information correctly while under pressure
- S trong stakeholder engagement skills with the talent to connect and communicate across all levels across the Firm.
- Comfortable working across technology teams to identify, assess, track and close down regional risks
- Passionate about developing a career in Information Security
- Prior experience working in a large organisation or Financial services is an advantage