About the opportunity Department Description
The Cybersecurity department is a part of the Global Technology function that provides IT services to the Fidelity International business, globally. These include the development and support of business applications that underpin our revenue, operational, compliance, finance, legal, marketing and customer service functions. The broader organisation incorporates Infrastructure services that the firm relies on to operate on a day to day basis including data centre, networks, proximity services, security, voice, incident management and remediation.
Cybersecurity is responsible for protecting the technology environment from internal and external security threats:
Cyber Defence Operations (CDO)
Information Security Management
Security Architecture and Engineering
Security Application Support
The team are responsible for design and implementation of new security technologies and services, and for providing security consulting to business change projects inside and outside of technology, across a wide range of technologies.
These security technologies provide critical services to the business, the wider technology group and to the security function.
Maintaining service availability, ensuring systems are kept up to date, and on-boarding new customers to these security services are the responsibility of the Security Application Support team, supported by the Security Engineering function.
The Security Architecture & Engineering team are also responsible for being aware of the bigger picture, influencing and implementing designs and solutions that are supportive of security and other longer-term technology strategies. Examples of this include web application infrastructure, Platform as a Service and Public Cloud where opportunities for automation and integration must be identified and implemented.
Purpose of your role
The successful candidate will be experienced in contemporary architecture and engineering practices, agile etc and engage with business change programs, Enterprise Architects and Information Security Managers to provide security subject matter expertise. This is a critical role expected to build and maintain relationships with Enterprise Architects and Information Security Managers to ensure that Cyber Security requirements are captured and implemented within all business change.
The successful candidate will be comfortable working across multiple operating systems, databases, applications, and infrastructure components, and should be proficient in understanding the intricacies of a large financial services business. The role also demands the ability define, mature and manage engagement processes. It may also be required, from time to time, to further develop these processes to ensure full benefit is gained from them this includes development of reporting capabilities.
The successful candidate will have excellent infrastructure and application technology skills and experience and is preferred to be able to demonstrate having gained this experience working in a security environment, the ability to think and act as a security professional.
Key Responsibilities of the Security Solutions Architect role:
Ensure that security requirements and controls are embedded into business change
Support the architecture of security component services including infrastructure and application design
Review and input into the appropriate use of security technologies within the company
Work with stakeholders to build security into new designs and patterns
Define secure infrastructure and application build/implementations
Input to technology security roadmaps and strategy
Support the evaluation of new products and vendors during formal and informal processes
Input to wider technology stream strategies, design and implementations
Ownership of security led projects, and participation in non-security led project activities
Experience and Qualifications Required
At least 9-10 years experience working in similar domain
Understanding of Security Standards and GRC framweorks like NIST CSF, ISO 27k:2013, Cloud Security Alliance, Togaf 9 etc.
Proficient in Security Risk Frameworks and methodology for conducting Security Risk assessments.
Well versed in Security design review and control assessment methods for enterprise systems & applications.
Ability to provide technical oversight to design and implement security controls for enterprise applications.
Experience and strong understanding of security access management principles and standards implementations, such as federation (SAML, oauth etc)
Proficient in the contemporary use of IaaS (AWS & Azure) such as compute, storage, network services, containers and serverless computing
Understanding of the underlying protocols and technical components used as the basis for security services, including: HTTP, HTTPS, SQL, TCP/IP, Active Directory, LDAP etc
Experienced in the definition and delivery of customer facing security controls in a dynamic and complex environment
Competent in UNIX and Windows general configuration and operational activities
Understanding of traditional database technology and contemporary unstructured data source an advantage.
Familiarity with scripting and automation technologies (e.g Terraform, Ansible etc)
Ability to draw on experience to question and challenge existing or proposed solutions, the ability to work under pressure and to tight deadlines
Analytical skills with an ability to quickly assimilate new information
Strong communication skills with evidence of being in a position responsible for communicating technical issues to non-technical users; such as formal stakeholder engagement/communications
Banking or Finance industry related experience desirable
BSc/BA in Computer Science, Engineering, Information Systems and/or equivalent formal training or experience.
CISSP or equivalent security certification preferred
Impress this employer describing Your skills and abilities, fill out the form below and leave Your personal touch in the presentation letter.
Job Description About the opportunity Department Description The Cybersecurity department is a part of the Global Technology function that provides IT services to the Fidelity International busine [...]
With a startup spirit and 90,000+ curious and courageous minds, we have the expertise to go deep with the world&rsquos; biggest brands&mdashand; we have fun doing it. Now, we&rsquore; calling all you [...]
Job Function: Cloud & Software Services Why SoftwareONE?: SoftwareONE is a leading global provider of end-to-end software and cloud technology solutions, headquartered in Switzerland. With an IP and [...]
Job Description About the opportunity Department Description The global cybersecurity & Information security (GCIS) department is a part of the Global Technology department. The Technology functio [...]