Technical Consultant - Cybersecurity Solution Architect - (FW939)

Technical Consultant - Cybersecurity Solution Architect - (FW939)

22 Dec
Fidelity International

22 Dec

Fidelity International


Job Description

About the opportunity Department Description

The Cybersecurity department is a part of the Global Technology function that provides IT services to the Fidelity International business, globally. These include the development and support of business applications that underpin our revenue, operational, compliance, finance, legal, marketing and customer service functions. The broader organisation incorporates Infrastructure services that the firm relies on to operate on a day to day basis including data centre, networks, proximity services, security, voice, incident management and remediation.

Cybersecurity is responsible for protecting the technology environment from internal and external security threats:

Application Security

Access Management

Cyber Defence Operations (CDO)

Information Security Management

Infrastructure Security

Security Architecture and Engineering

Security Application Support

The team are responsible for design and implementation of new security technologies and services, and for providing security consulting to business change projects inside and outside of technology, across a wide range of technologies.

These security technologies provide critical services to the business, the wider technology group and to the security function.

Maintaining service availability, ensuring systems are kept up to date, and on-boarding new customers to these security services are the responsibility of the Security Application Support team, supported by the Security Engineering function.

The Security Architecture & Engineering team are also responsible for being aware of the bigger picture, influencing and implementing designs and solutions that are supportive of security and other longer-term technology strategies. Examples of this include web application infrastructure, Platform as a Service and Public Cloud where opportunities for automation and integration must be identified and implemented.

Purpose of your role

The successful candidate will be experienced in contemporary architecture and engineering practices, agile etc and engage with business change programs, Enterprise Architects and Information Security Managers to provide security subject matter expertise. This is a critical role expected to build and maintain relationships with Enterprise Architects and Information Security Managers to ensure that Cyber Security requirements are captured and implemented within all business change.

The successful candidate will be comfortable working across multiple operating systems, databases, applications, and infrastructure components, and should be proficient in understanding the intricacies of a large financial services business. The role also demands the ability define, mature and manage engagement processes. It may also be required, from time to time, to further develop these processes to ensure full benefit is gained from them this includes development of reporting capabilities.

The successful candidate will have excellent infrastructure and application technology skills and experience and is preferred to be able to demonstrate having gained this experience working in a security environment, the ability to think and act as a security professional.

Key Responsibilities of the Security Solutions Architect role:

Ensure that security requirements and controls are embedded into business change

Support the architecture of security component services including infrastructure and application design

Review and input into the appropriate use of security technologies within the company

Work with stakeholders to build security into new designs and patterns

Define secure infrastructure and application build/implementations

Input to technology security roadmaps and strategy

Support the evaluation of new products and vendors during formal and informal processes

Input to wider technology stream strategies, design and implementations

Ownership of security led projects, and participation in non-security led project activities

Experience and Qualifications Required

At least 9-10 years experience working in similar domain

Understanding of Security Standards and GRC framweorks like NIST CSF, ISO 27k:2013, Cloud Security Alliance, Togaf 9 etc.

Proficient in Security Risk Frameworks and methodology for conducting Security Risk assessments.

Well versed in Security design review and control assessment methods for enterprise systems & applications.

Ability to provide technical oversight to design and implement security controls for enterprise applications.

Experience and strong understanding of security access management principles and standards implementations, such as federation (SAML, oauth etc)

Proficient in the contemporary use of IaaS (AWS & Azure) such as compute, storage, network services, containers and serverless computing

Understanding of the underlying protocols and technical components used as the basis for security services, including: HTTP, HTTPS, SQL, TCP/IP, Active Directory, LDAP etc

Experienced in the definition and delivery of customer facing security controls in a dynamic and complex environment

Competent in UNIX and Windows general configuration and operational activities

Understanding of traditional database technology and contemporary unstructured data source an advantage.

Familiarity with scripting and automation technologies (e.g Terraform, Ansible etc)

Ability to draw on experience to question and challenge existing or proposed solutions, the ability to work under pressure and to tight deadlines

Analytical skills with an ability to quickly assimilate new information

Strong communication skills with evidence of being in a position responsible for communicating technical issues to non-technical users; such as formal stakeholder engagement/communications

Banking or Finance industry related experience desirable

BSc/BA in Computer Science, Engineering, Information Systems and/or equivalent formal training or experience.

CISSP or equivalent security certification preferred

The original job offer can be found in Kit Job:

Reply to this offer

Impress this employer describing Your skills and abilities, fill out the form below and leave Your personal touch in the presentation letter.

Subscribe to this job alert:
Enter Your E-mail address to receive the latest job offers for: technical consultant - cybersecurity solution architect - (fw939)
Publish a new Free Offer
Need to publish an offer? With more than 1 million unique users per month, you will find the ideal candidate for your company instantly, what are you waiting for!
Publish Now

Subscribe to this job alert